I can't access to docker container directly from his ip

Question

So here is my problem:

1. I have a server with debian 10 that runs docker
2. In the docker containers i run pihole
3. When i run the pihole container, docker set his ip to 172.17.0.2
4. Docker itself create a network interface called: docker0 and his ip is 172.17.0.1

The problem being outside the server, when i ping to the docker interface 172.17.0.1 its fine, but when i ping to the docker container 172.17.0.2 its no reachable.

Here is the ip a command output

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eno1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether ac:16:2d:12:30:71 brd ff:ff:ff:ff:ff:ff
    inet 10.42.0.247/24 brd 10.42.0.255 scope global dynamic eno1
       valid_lft 3152sec preferred_lft 3152sec
    inet6 fe80::ae16:2dff:fe12:3071/64 scope link 
       valid_lft forever preferred_lft forever
3: wlp2s0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
    link/ether d0:37:45:80:81:0f brd ff:ff:ff:ff:ff:ff
4: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default 
    link/ether 02:42:55:80:15:34 brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
       valid_lft forever preferred_lft forever
    inet6 fe80::42:55ff:fe80:1534/64 scope link 
       valid_lft forever preferred_lft forever
25: vethedcefcc@if24: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default 
    link/ether e2:02:56:8f:9b:22 brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet6 fe80::e002:56ff:fe8f:9b22/64 scope link 
       valid_lft forever preferred_lft forever

What i need to do?, what i have to configure?

Thanks:

~James Phoenix

Answer 1

You can't access container IP directly from host.

If you want to access service from outside you need to forward (publish) service ports

Example:

docker host IP → 192.168.0.111
container IP → 172.17.0.111

Run nginx container and publish 8080 port to connect from outside:

docker run --name some-nginx -d -p 8080:80 some-content-nginx

Here 8080 is external port (accessible from outside)
And 80 is internal port (accessible from container group in same network)

Access to nginx:

curl http://localhost:8080

# or

curl http://192.168.0.111:8080