Port forwarding when using boot2docker on OSX

[jagregory]

I followed the official guide for installing docker on OSX with boot2docker. Everything seems to be working fine except I'm unable to access any exposed ports.

For example:

docker run -d -p 5000:5000 luisbebop/docker-sinatra-hello-world

Doing curl http://localhost:5000 gives curl: (7) Failed connect to localhost:5000; Connection refused.

I have to manually forward the port in VirtualBox for it to work. I haven't seen any mention of having to do this anywhere though, which suggests either I'm doing something stupid or there's something missing from the install instructions.

Is it expected behaviour that you need to manually forward ports from VirtualBox for docker port forwarding to work?

[olibob]

I lost some time on this. The port is exposed in the VBox VM, not on the host. I forward ports too.

[cameron]

for i in {10000..10999}; do
VBoxManage modifyvm "boot2docker-vm" --natpf1 "tcp-port$i,tcp,,$i,,$i";
VBoxManage modifyvm "boot2docker-vm" --natpf1 "udp-port$i,udp,,$i,,$i";
done

From this post.

Submitted a PR to update the docs.

[olibob]

This works perfectly. Thank you.

[cpswan]

To add port forwards from the command line to a running boot2docker VM use:

VBoxManage controlvm boot2docker-vm natpf1 "name,tcp,127.0.0.1,1234,,1234"

Where 'name' is the unique name for your rule, and '1234' is the port you wish to forward. So for the original Sinatra example:

VBoxManage controlvm boot2docker-vm natpf1 "sinatra-hello,tcp,127.0.0.1,5000,,5000"

[olibob]

@cpswan

Nice one, no need to shut down boot2docker-vm. Thanks.

[deinspanjer]

I wrote a wrapper script to manage this. It sounds from boot2docker/boot2docker#93 like it might not be needed for long though.

https://gist.github.com/deinspanjer/9215467

[leifhanack]

It seems as if you don't have that problem any longer, when using boot2docker-cli 0.8

If you initialize a new virtual machine with this tool, it will create a NATed network interface as before, and a second, host only interface, via which you will be able to access a Docker container's ports with no extra configuration.

[matthughes]

@leifhanack I still seem to have this issue with 0.8. I see two interfaces created by boot2docker. Using this example -- http://docs.docker.io/en/latest/examples/postgresql_service/ -- I am still unable to connect to the Postgresql server using either address.

This is using boot2docker from Homebrew on OS X and I confirmed it's 0.8.

[unclejack]

ping @SvenDowideit @ostezer

[leifhanack]

@matthughes If you installed boot2docker 0.8 with homebrew it is NOT boot2docker-cli 0.8! Homebrew integration is ongoing, see boot2docker/boot2docker-cli#90

[leifhanack]

I tried boot2docker-cli 0.8 but creating a host-only network interface failed. I'm using the newest VirtualBox 4.3.10.

./boot2docker-cli-v0.8.0-darwin-amd64 init
2014/04/24 23:45:55 Creating VM boot2docker-vm...
2014/04/24 23:45:55 Apply interim patch to VM boot2docker-vm (https://www.virtualbox.org/ticket/12748)
2014/04/24 23:45:55 Setting NIC #1 to use NAT network...
2014/04/24 23:45:55 Port forwarding [ssh] tcp://127.0.0.1:2022 --> :22
2014/04/24 23:45:55 Port forwarding [docker] tcp://127.0.0.1:4243 --> :4243
2014/04/24 23:45:55 Failed to create host-only network interface: exit status 2

[michaelpigg]

I had same error as @leifhanack with the pre-built binary. I built from source and it successfully inited a boot2docker-vm with the host-only network.

[SvenDowideit]

We're working to move from the boot2dockerbash script to https://github.com/boot2docker/boot2docker-cli/releases - and that sets up a second host-only network interface that gets used - so port forwarding won't be needed anymore.

that said - I'm working on linux and windows most of the time, and so its tested there - and I would love some more help testing, especially on OSX

I too got the failure @leifhanack and @michaelpigg - can we move this to boot2docker/boot2docker-cli#93 please?

[leifhanack]

What kind of help do you need? Do you have a test suite which can be run on OSX?

Regards Leif

[SvenDowideit]

@leifhanack that would be loverly - yes, if someone were to write a test suite that would be awesome.

I wonder if the docker cli tests could be extracted into a standalone 'test-it' tool that could be run from any OS we can build on - and if it could test both API and by shelling out to the natively built client.

This API version would be test that the remote server works as it should (and might reveal the NAT portforwarding issue we have with b2d atm) whereas the shell out version would show that the native client works correctly.

nice.

[leifhanack]

So right now there is nothing which I can run easily in order to help?

(sent from my mobile)

Am 01.05.2014 um 05:58 schrieb Sven Dowideit notifications@github.com:

@leifhanack that would be lovery - yes, if someone were to write a test suite that would be awesome.

I wonder if the docker cli tests could be extracted into a standalone 'test-it' tool that could be run from any OS we can build on - and if it could test both API and by shelling out to the natively built client.

This API version would be test that the remote server works as it should (and might reveal the NAT portforwarding issue we have with b2d atm) whereas the shell out version would show that the native client works correctly.

nice.

—
Reply to this email directly or view it on GitHub.

[leifhanack]

Since boot2docker-cli v0.11.1-pre1 host-only network interface including port forwarding works for me.

Installed with:

• removed ~/.boot2docker/boot2docker.iso
• boot2docker delete
• boot2docker-v0.11.1-pre1-darwin-amd64 init

[gliush]

@leifhanack could you please show your commands that works for you? It doesn't work for me.
I'm following this manual with slight changes ;)

• Remove all previos files

$ rm .boot2docker/boot2docker.iso
$ boot2docker delete

• Install new boot2docker-cli from sources as last release breaks compatibility with previous versions of boot2docker-cli tool

$ go get github.com/boot2docker/boot2docker-cli

• Using new boot2docker-cli create new image

$ $GOPATH/bin/boot2docker-cli init
2014/06/12 14:50:07 Downloading boot2docker ISO image...
2014/06/12 14:50:08 Latest release is v1.0.0
2014/06/12 14:50:22 Success: downloaded https://github.com/boot2docker/boot2docker/releases/download/v1.0.0/boot2docker.iso
    to /Users/gli/.boot2docker/boot2docker.iso
2014/06/12 14:50:22 Creating VM boot2docker-vm...
2014/06/12 14:50:22 Apply interim patch to VM boot2docker-vm (https://www.virtualbox.org/ticket/12748)
2014/06/12 14:50:23 Setting NIC #1 to use NAT network...
2014/06/12 14:50:23 Port forwarding [ssh] tcp://127.0.0.1:2022 --> :22
2014/06/12 14:50:23 Port forwarding [docker] tcp://127.0.0.1:2375 --> :2375
2014/06/12 14:50:23 Setting NIC #2 to use host-only network "vboxnet0"...
2014/06/12 14:50:23 Setting VM storage...
2014/06/12 14:50:32 Done. Type `boot2docker-cli up` to start the VM.

• Run it

$ $GOPATH/bin/boot2docker-cli up
2014/06/12 14:50:39 Waiting for VM to be started...
...........
2014/06/12 14:51:01 Started.
2014/06/12 14:51:01 Auto detection of the VM's IP address.
2014/06/12 14:51:01 To connect the Docker client to the Docker daemon, please set:
2014/06/12 14:51:01     export DOCKER_HOST=tcp://:2375

• Usually I have DOCKER_HOST specified as tcp://192.168.59.103:2375. Well, if they ask me to change it let's do it

export DOCKER_HOST=tcp://:2375

• Run docker image

$ docker run -d -P training/webapp python app.py

• Find the port

$ docker port c6073a9fc281 5000
0.0.0.0:49153

• Check if it works

curl localhost:49153
... hangs!!! 

• Check that in VirtualBox it works

$ $GOPATH/bin/boot2docker-cli ssh "curl localhost:49153" 2>/dev/null
Hello world!

What should I do to make it work?

[gliush]

And by the way, port forwarding doesn't help either!

$ i=49153;
$ VBoxManage modifyvm "boot2docker-vm" --natpf1 "tcp-port$i,tcp,,$i,,$i";
$ VBoxManage modifyvm "boot2docker-vm" --natpf1 "udp-port$i,udp,,$i,,$i";

Help!
What should I do to make it work?!

[gliush]

I've created new issue, so let's not discuss it here.

[SvenDowideit]

boot2docker 1.0 provides a host only network interface -please do not use port forwarding in virtualbox, it is unreliable.

[c4milo]

Exposing ports does not work for me in OSX.

boot2docker version
Client version: v1.0.1
Git commit: 219d665

[SvenDowideit]

Please don't append to a closed task - I only just saw this in an old browser tab. It also belongs in the boot2docker-cli repo tasks...

@c4milo you really need to tell us more than that - which network interface are you expecting the port to be exposed on, and what commands are you running?

[ctapobep]

Just for the history, maybe others will run into this issue. This didn't work for me on Mac: -p 127.0.0.1:8083:8080 while this did: -p 8083:8080

[cianclarke]

Forwarding almost 2,000 ports like above worked out pretty terrible for me - on my (admittedly resource constrained) laptop, performance crawled to a halt trying to forward that many ports.

Here's how to undo this command if anybody else comes across the same issue - instead, I'd suggest picking the ports you need forwarded!:

for i in {10000..10999}; do
VBoxManage modifyvm "boot2docker-vm" --natpf1 delete tcp-port$i;
VBoxManage modifyvm "boot2docker-vm" --natpf1 delete udp-port$i;
done

[ghost]

https://github.com/boot2docker/boot2docker/blob/master/doc/WORKAROUNDS.md (for others stumbling on this page)

[SvenDowideit]

and much more importantly, only do this if someone else needs access to those ports - your OSX box can access all container ports without the above steps.

[ghost]

@SvenDowideit Hmm I don't understand, when I needed to ssh into a container, i had to do the port forwarding.

[SvenDowideit]

if you are sshing into a container from your OSX box, then no, you do not need to do port forwarding. there is a second network interface which does that job better.

See https://github.com/boot2docker/boot2docker#container-port-redirection

mmm, its a badly named heading, but tells you the normal poerating mode.

[funkytaco]

As an update to @SvenDowideit's answer, docker-machine ip default (where default is the Docker host) is the current way to get the IP adress that exposes the ports.

[cmcconomy]

I am encountering the same problem using docker-machine installed with Docker Toolbox 1.9
To demonstrate, I exposed port 8080 in a container (-p 8080:8080) and tried to reach it with a port scan on OSX:

"/System/Library/CoreServices/Applications/Network Utility.app/Contents/Resources/stroke" $(docker-machine ip default) 1 10000

resulting in

Port Scanning host: 192.168.99.100

     Open TCP Port:     22          ssh
     Open TCP Port:     2376

[funkytaco]

@cmcconomy you should probably open a new issue and reference this one like so... #4007 if you think it's related.

[ystreibel]

@cmcconomy I have the same issue when I exposed port 27017 in my container (-p 27017:27017)

[thaJeztah]

@cmcconomy @ystreibel is the process in the container also listening on port 8080, and does it listen on 0.0.0.0, not on "localhost" or 127.0.0.1?

[mro]

@funkytaco #4007 (comment) Thank you 👍

[MahalakshmiL]

I installed Spark using docker on MAC. I ran into the same issue , but resolved after doing: for i in {10000..10999}; do
VBoxManage modifyvm "boot2docker-vm" --natpf1 "tcp-port$i,tcp,,$i,,$i";
VBoxManage modifyvm "boot2docker-vm" --natpf1 "udp-port$i,udp,,$i,,$i";
done

But I have another issue: In the web ui for spark , there is another link: application tracker - but I am not able to access it. Any help with this ?