setup correctly connection from container to Docker API

[pisarevaa]

Could you please explain how to setup correctly connection from container to Docker API or host port 2375 in Linux machine.

1. I have opened port 2375 to connect to Docker API in /lib/systemd/system/docker.service:
   ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock -H tcp://127.0.0.1:2375
2. My docker-compose.yml is:

version: '3.7'
services:
  web:
    image: some_image
    restart: unless-stopped
    command: python manage.py runserver 0.0.0.0:80
    volumes:
      - ./:/usr/src/app/
    ports:
      - 80:80
    depends_on:
      - docker-host
    networks:
      - app-network
    env_file:
      - ./.env
  docker-host:
    image: qoomon/docker-host
    cap_add: [ 'NET_ADMIN', 'NET_RAW' ]
    restart: on-failure
    networks:
      - app-network

networks:
  app-network:
    driver: bridge

3. After that I connect to container via sudo docker exec -it web_1 bash
4. Run command inside container curl -X GET host.docker.internal:2375/containers/json and get an error curl: (6) Could not resolve host: host.docker.internal

Where am I wrong?

[pisarevaa]

I ended up with the following steps:

1. Added unix socket to Docker API in /lib/systemd/system/docker.service:
   ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock -H tcp://127.0.0.1:2375 -H unix:///var/run/docker.sock
2. Add volume /var/run/docker.sock to docker-compose.yml is:

version: '3.7'
services:
  web:
    image: some_image
    restart: unless-stopped
    command: python manage.py runserver 0.0.0.0:80
    volumes:
      - ./:/usr/src/app/
      - /var/run/docker.sock:/var/run/docker.sock
    ports:
      - 80:80
    depends_on:
      - docker-host
    networks:
      - app-network
    env_file:
      - ./.env
  docker-host:
    image: qoomon/docker-host
    cap_add: [ 'NET_ADMIN', 'NET_RAW' ]
    restart: on-failure
    networks:
      - app-network

networks:
  app-network:
    driver: bridge

3. Run command succesfully curl -XGET --unix-socket /var/run/docker.sock localhost:2375/containers/json

[qoomon]

Hi glad to hear you found a solution. However it will work if you connect to the right host curl -X GET <DOCKER_HOST_CONTAINER_NAME>:2375/containers/json in you example it would be curl -X GET docker-host:2375/containers/json

[qoomon]

I highly recommend not binding "docker.sock" into you application container cause you can gain root access to you docker host system from within your web application container.

[pisarevaa]

Hi, I have tried curl -X GET docker-host:2375/containers/json but got an error Failed to connect to docker-host port 2375: Connection timed out

[qoomon]

what OS do you use?

On Linux systems

You have to bind your host applications to bridge network gateway in addition to localhost(127.0.0.1).

Use following docker command to get the bridge network gateway IP address
docker network inspect bridge --format='{{( index .IPAM.Config 0).Gateway}}'

You might need to configure your firewall of the host system to allow the docker-host container to communicate with the host on your relevant port, see #21.

[qoomon]

maybe its because auf the bridge network configuration in your docker.compose file, can you give it a try without that network?