Docker for windows: cannot access a service on an open port in Windows container mode

Question

Docker for windows: cannot access a service on an open port in Windows container mode

I use the following Dockerfiles to create a container with Jenkins in a Windows container on a Windows 10 desktop with docker for Windows version 17.03

FROM microsoft/windowsservercore RUN powershell -Command wget 'http://javadl.oracle.com/webapps/download/AutoDL?BundleId=210185' -Outfile 'C:\jreinstaller.exe' ; Start-Process -filepath C:\jreinstaller.exe -passthru -wait -argumentlist "/s,INSTALLDIR=c:\Java\jre1.8.0_91" ; del C:\jreinstaller.exe ENV JAVA_HOME c:\\Java\\jre1.8.0_91 RUN setx PATH %PATH%;%JAVA_HOME%\bin CMD [ "java.exe" ]

I am creating an image from this docker file:

 docker build -t windows-java:jre1.8.0_91 .

The second Docker file that I use to install Jenkins on top of this:

 FROM windows-java:jre1.8.0_91 ENV HOME /jenkins ENV JENKINS_VERSION 2.58 RUN mkdir \jenkins RUN powershell -Command "wget -Uri https://updates.jenkins-ci.org/latest/jenkins.war -UseBasicParsing -OutFile /jenkins/jenkins.war" EXPOSE 8080 EXPOSE 50000 CMD java -jar C:\\jenkins\\jenkins.war docker build -t jenkins-windows:2.0 .

Then I launch the container as follows:

 docker run --name jenkinsci -p 8080:8080 -p 50000:50000 jenkins-windows:2.0

I see that the container is working fine and the logs are showing all the good

 PS C:\Users\mandeep\ringba\ringba-jenkins-setup-windows\jenkins-master> docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 85ba2ef525a1 jenkins-windows:2.0 "cmd /S /C 'java -..." 8 hours ago Up 8 hours 0.0.0.0:8080->8080/tcp, 0.0.0.0:50000->50000/tcp jenkinsci

However, I cannot access the jenkins server running on http://localhost:8080 in the web browser of the host machine.

Not sure if this helps, but when I ran the docker in Linux container mode on the same computer, I was able to access the jenkins server at http://localhost:8080 using their official docker image.

+5

docker docker-for-windows

mandeep_m91 May 03 '17 at 20:52

source share

2 answers

To finalize @ Kallie-Microsoft's publication:

docs.docker.com has been updated under Windows Container Restrictions for Local and Published Ports

Docker for Windows provides the ability to switch between Windows and Linux containers. If you use Windows containers, keep in mind that there are some network restrictions due to the current implementation of Windows NAT (WinNAT). These restrictions can potentially be resolved as the Windows container project evolves.
One thing you may encounter is that published ports on Windows containers do not loopback to the local host. Instead, container endpoints are accessible only from the host using IP containers and a port.
So, in the scenario in which you use Docker to pull out the image and start the web server with this command:
 docker run -d -p 80:80 --name webserver nginx 
Using curl http: // localhost or pointing your web browser to http: // localhost does not display the nginx web page (as would be done with Linux containers).
To get to the Windows container from the local host, you need to specify the IP address and port for the container on which the service is performed.
You can get the IP address of the container by checking dockers with some - formatting options and the identifier or name of the container. In the above example, the command will look like this, using the name that we gave the container (web server) instead of the container identifier:
 $ docker inspect \ --format='{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' \ webserver 

0

Alexandre Roux Aug 30 '17 at 16:39

source share

Kallie-microsoft · Accepted Answer · 2017-05-03T22:07:39+0000

This is currently a known issue in Windows. It is not possible to access the container endpoint from your host using localhost / 127.0.0.1. This is possible using Linux containers today because Docker has included a special workaround that is unique to their Moby / Linux implementation for running Linux containers on Windows.

We are working on a fix for this, but today we recommend getting around this as follows:

Access to container endpoints from a separate host using the IP address of the host where the container is running, and the open port for the container on its host
OR by accessing the container on the same host using the container’s internal IP address and published port (you can use docker network inspect <network name> or docker exec <container ID> ipconfig> to get the IP address of the container endpoint)

Docker for windows: cannot access a service on an open port in Windows container mode

More articles: