Docker Network Find Active Endpoints: 3 Powerful Methods 💪

Estimated reading time: 7 minutes

Last updated on November 8th, 2024 at 04:58 pm

Identifying Active Containers on a Docker Network

Docker networks provide a way to connect containers and allow them to communicate with each other and the internet hence, It’s crucial to manage how the Docker containers communicate.

Sometimes you need to identify which containers are using which network and what are the active endpoints in the Docker network.

Docker Network Overlay vs Bridge – Ultimate Difference

Docker Network External vs Internal: Simplified 3-Minute!

Let’s explore “Docker Network Find Active Endpoints” to help you find and troubleshoot Docker-related networking issues.

Why Docker Network Find Active Endpoints?

Understanding the Docker network find active endpoints can help with various benefits:

Network Visibility:

You can find the active Docker network endpoints that will help you understand the communication flow within your network.

You can only troubleshoot the connectivity issue if you understand the flow. It can help you to visualize how the network is connected and interact with each other.

Docker Network Find Active Endpoints Troubleshooting:

Network-related problems arise when you work with a complex Docker network. Finding the active Docker network endpoint helps to isolate and debug the issue.

Improve Security:

You can isolate the Docker container that misbehaves and communicate with the outside world. secure and efficient network design can prevent security breaches.

Understand how contains are connected and implement the strict rule for network access control.

Methods: Docker Network Find Active Endpoints

Now, let’s check the different ways to find active endpoints in your Docker networks:

1. Use docker network inspect

You can use the docker network inspect to get detailed information about the specific Docker network, including the containers currently connected to it:

Bash
docker network inspect <network-name>

You can replace the <network-name> with the actual network name you want to check.

Let’s check the network details for the network named “app-network”:

Bash
docker network inspect my-app-network

Checkout the below output especially the section with “Containers”.

Bash
[
    {
        "Name": "app-network",
        "Id": "abcd1234efgh5678ijkl90mnop",
        "Created": "2024-04-07T12:00:00Z",
        "Scope": "local",
        "Driver": "bridge",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": {},
            "Config": [
                {
                    "Subnet": "172.18.0.0/16",
                    "Gateway": "172.18.0.1"
                }
            ]
        },
        "Internal": false,
        "Attachable": true,
        "Ingress": false,
        "ConfigFrom": {
            "Network": ""
        },
        "ConfigOnly": false,
        "Containers": {
            "1234567890abcdef": {
                "Name": "nginx-container",
                "EndpointID": "qwertyuiop123456",
                "MacAddress": "02:42:ac:12:00:02",
                "IPv4Address": "172.18.0.2/16",
                "IPv6Address": ""
            },
            "9876543210fedcba": {
                "Name": "python-container",
                "EndpointID": "zxcvbnmasdfghjk",
                "MacAddress": "02:42:ac:12:00:03",
                "IPv4Address": "172.18.0.3/16",
                "IPv6Address": ""
            }
        },
        "Options": {},
        "Labels": {}
    }
]

In this example:

  • The app-network network is shown with its ID, creation timestamp, and configuration details.
  • Default bridge network with the subnet 172.18.0.0/16 and the gateway 172.18.0.1.
  • Two containers, nginx-container and python-container, are connected to the network.
  • Each container has its respective EndpointID, MacAddress, and IPv4Address.

TIP: You can use the advance Docker filter with --format option with docker network to customize the output.

You can use the filter to output the container names only:

Bash
docker network inspect app-network --format "{{json .Containers}}"

Limitations:

Containers removed but still appear connected are called “Orphaned Containers“. Orphaned endpoints might not be visible with this method. But we will check how to fix this later.

2. Use docker ps with network filters

You can use the docker ps command to manage the containers. With the advanced Docker filter with –format option you can filter and display containers based on networking conditions:

Bash
docker ps --filter network=<network-name>

You can replace the <network-name> with the actual name, if you want to check the details, For instance, to list all the containers in app-network you can run:

Bash
docker ps --filter network=my-app-network

This command will output the container details with ID, names, and details:

Bash
CONTAINER ID   IMAGE          COMMAND                  CREATED        STATUS        PORTS       NAMES
abcdef123456   nginx:latest   "nginx -g 'daemon of…"   1 hour ago     Up 1 hour     80/tcp      nginx-container
123456abcdef   python:latest  "python app.py"          2 hours ago    Up 2 hours                python-container

In this example:

  • nginx-container and python-container are running now.
  • Both containers are running and are connected to the app-network.
  • The CONTAINER ID, IMAGE, COMMAND, CREATED, STATUS, PORTS, and NAMES columns provide additional information about each container.

3. Use Docker Compose

The above method works with Docker but if you’re using Docker Compose to manage the Docker containers, you can use the Docker Compose related method to identify the active endpoints.

You can check the services and network details in the docker-compose.yml configuration.

Docker Compose creates the new network based on the directory name, you can specify the external network to use the already created Docker network.

You can use the docker-compose ps command:

Bash
docker compose ps

You can use the above command without additional commands to find the container-related information for specific Docker Compose.

Extra: Use net-shoot Container

Docker Network Find Active Endpoints
Docker Network Find Active Endpoints

The net-shoot container is a powerful toolkit for diagnosing and troubleshooting Docker issues. It provides all the necessary tools to help the Docker network find active endpoints.

Let’s pull the Docker image. You can use the Docker Hub Image from nicolaka/netshoot.

Bash
docker pull nicokala/netshoot

You can run the Docker container once the image pull is finished.

Bash
docker run -it nicokala/netshoot

Once the container starts, you can utilize the various commands for network diagnostics.

Bash
ss -tnlp

The above example provide a detailed view of network sockets, including:

  • State: (-t) The current state of the connection (e.g., ESTABLISHED, LISTEN)
  • Numeric ports: (-n) Displays port numbers in numeric format
  • Listening ports: (-l) Shows listening sockets
  • Processes: (-p) Includes the process ID (PID) of the program using the connection

Additional net-shoot tools:

The net-shoot container provides other tools that can be helpful for network troubleshooting.

  • ping: Test basic network connectivity between containers or the host.
  • traceroute: Trace the route packets take to reach a destination. It helps identify network latency issues.
  • tcpdump: Capture network traffic for in-depth analysis of communication flows.

Docker Network Find Active Endpoints: Additional Considerations

Orphaned Endpoints

Containers that are removed but still appear connected are called “Orphaned Containers“. Connections from these orphaned containers are called “ghost connections” that were previously connected but remain.

As discussed earlier, the docker network inspect method might not provide the details about the orphaned endpoints. Since they can’t show in output for actively running containers that can create the issue while debugging.

Restart Docker Daemon

We’ve checked the various methods to debug and find the active endpoint from the Docker network. If nothing works you can try restarting the Docker daemon which can fix the potential network issues.

Please be advised when using this in the production environment, this can potentially create downtime for the containers.

You can also use them docker network prune to remove the unused network.

Bash
docker network prune

Conclusion

Docker Network find active endpoints allows you to make informed decisions about resource allocation and network design. You can identify the security concerns and make the overall Docker network efficient.

Key takeaways:

  • Optimize Resouce: Choose the appropriate network and free up the bandwidth for critical application
  • Improve Security: Isolate the network for more strict communication and reduce the attack surface.
  • Troubleshooting: Diaglonisis and find the active endpoint to find the configuration errors.

Identifying active endpoints helps you manage your Docker network more effectively by optimizing resource allocation, enhancing security, and troubleshooting network issues.

Find Docker Which Network is Container Using

Docker Compose Network Name Without Prefix – 3 Easy Tricks

Kashyap Merai

Kashyap Merai

Kashyap Merai, a Certified Solution Architect and Public Cloud Specialist with over 7 years in IT. He helped startups in Real Estate, Media Streaming, and On-Demand industries launch successful public cloud projects.

Passionate about Space, Science, and Computers, He also mentors aspiring cloud engineers, shaping the industry's future.

Connect with him on LinkedIn to stay updated on cloud innovations.