Reputation: 428
Setup ssh tunnel from docker container on macos Mojave 10.14
I am having trouble setting up an ssh tunnel on my mac machine. I have no problems setting up the tunnel on my ubuntu box. This is the command I run
ssh -nNT -L 172.18.0.1:4000:production-database-url:3306 jump-point
When I run this on my mac, I get the following error:
bind [172.18.0.1]:4000: Can't assign requested address
channel_setup_fwd_listener_tcpip: cannot listen to port: 4000 Could
not request local forwarding.
If I run without the bind_address (172.18.0.1), I am able to connect to the database via the tunnel.
If I bind to all interfaces (0.0.0.0), then tunnel is open, however, the connection to the database from inside the docker container does not work.
Upvotes: 1
Views: 1204
Answers (1)
Reputation: 5415
172.18.0.1 is the IP of docker's default bridge network gateway, not your host's IP.
You can run this command to check that.
$ docker network inspect bridge
Docker for Mac has limitations
- There is no docker0 bridge on macOS (it's in the docker VM host on Mac and on Windows)
- You cannot ping containers (without shaving a bunch of yaks)
- Per-container IP addressing is not possible
Also note that this means the docker run option --net-host is not supported on Mac, but maybe that's a good thing
There is a workaround
- These magic addresses resolve to the host's IP from within a container
- docker.for.mac.localhost (deprecated)
- docker.for.mac.host.internal (deprecated)
- host.docker.internal
- This resolves to the gateway of the host mac
- gateway.docker.internal
Use the name host.docker.internal from within the container just like you would use localhost on the mac directly.
Don't worry about the bind address for the tunnel:
ssh -nNT -L 4000:production-database-url:3306 jump-point
You didn't mention which database but I take it from the port 3306 that it is MySQL.
To connect using the mysql cli from within a container, via an ssh tunnel on your host, to a remote mysql database server you can run:
mysql --host host.docker.internal [... other options go here]
Upvotes: 5
Related Questions
- SSH Tunnel within docker container
- Docker container that creates a SSH tunnel on docker-compose up
- How to tunnel TCP traffic over ssh from a docker container?
- SSH tunnel to remote docker service
- How can I create a SSH tunnel in a docker container where the socks proxy is accessible by the host machine?
- SSH tunneling to remote server with docker
- docker connecting to host tunnel from container
- SSH port forwarding in Docker
- SSH Tunneling to docker container
- How to create ssh tunnel to dockerfile/mysql container