LabEx
Log InJoin Free

How to inspect exposed ports of a Docker container

DockerBeginner
Practice Now

Introduction

Docker is a widely adopted containerization technology that revolutionized the way applications are developed, packaged, and deployed. Understanding the exposed ports of a Docker container is a fundamental aspect of working with Docker, as it allows you to access and interact with the services running inside the container. This tutorial will guide you through the process of inspecting the exposed ports of a Docker container, empowering you to better manage and optimize your containerized applications.

Understanding Docker Container Ports

Before we dive into inspecting container ports, let us first understand what ports are and why they matter in Docker containers.

What Are Container Ports

In Docker, ports allow services running inside a container to communicate with the outside world. Think of ports as doors to your containerized application - without opening these doors, no one can access the services inside.

Types of Port Configurations

Docker supports two main types of port configurations:

  1. Exposed Ports: Ports that a container makes available for potential connections, but are not automatically accessible from the host.

  2. Published Ports: Exposed ports that are mapped to a port on the host, allowing external access to the container services.

Let us run a simple web server container to understand this better:

docker run -d --name web-demo nginx

Run this command in the terminal. This starts an Nginx web server container named web-demo in detached mode (running in the background).

The output will show a container ID, similar to:

3a6e8df899a9b723de9e4684542dc9987af26381118fa36496757d17ac952c9f

This Nginx container has port 80 exposed by default (as defined in its Dockerfile), but we have not published it to the host yet, so we cannot access it from outside.

Examining Container Port Configuration

Now that we have our container running, let us examine its port configuration.

Using docker ps to View Port Mappings

The docker ps command shows running containers and their port configurations.

Run this command in your terminal:

docker ps

You will see output similar to:

CONTAINER ID   IMAGE     COMMAND                  CREATED          STATUS          PORTS     NAMES
3a6e8df899a9   nginx     "/docker-entrypoint.…"   2 minutes ago    Up 2 minutes    80/tcp    web-demo

Notice the PORTS column. It shows 80/tcp, indicating that port 80 is exposed but not published to the host.

Running a Container with Published Ports

Let us stop our first container and create a new one with a published port:

docker stop web-demo
docker rm web-demo

Now run a new container with port mapping:

docker run -d --name web-demo -p 8080:80 nginx

The -p 8080:80 option publishes the container's port 80 to port 8080 on the host.

Run docker ps again to see the difference:

docker ps

Output:

CONTAINER ID   IMAGE     COMMAND                  CREATED          STATUS          PORTS                  NAMES
f7d483e51ef2   nginx     "/docker-entrypoint.…"   10 seconds ago   Up 10 seconds   0.0.0.0:8080->80/tcp   web-demo

Notice how the PORTS column now shows 0.0.0.0:8080->80/tcp, indicating port 80 in the container is mapped to port 8080 on all host interfaces.

Inspecting Container Port Details

Docker provides multiple commands to inspect container port configurations in detail. Let us explore these options.

Using docker port Command

The docker port command shows the port mappings for a container:

docker port web-demo

Output:

80/tcp -> 0.0.0.0:8080

This shows that port 80/tcp in the container is mapped to port 8080 on all host interfaces.

Using docker inspect for Detailed Information

For more detailed information, use the docker inspect command:

docker inspect web-demo

This command produces a lot of JSON output with detailed information about the container. To filter for just the port information, use this command:

docker inspect --format='{{json .NetworkSettings.Ports}}' web-demo | jq

If jq is not installed, you can install it with:

sudo apt-get update && sudo apt-get install -y jq

The output of the filtered inspect command will look like:

{
  "80/tcp": [
    {
      "HostIp": "0.0.0.0",
      "HostPort": "8080"
    }
  ]
}

This shows detailed port mapping information:

  • Container port: 80/tcp
  • Host IP: 0.0.0.0 (all interfaces)
  • Host port: 8080

Listing All Container Ports

If you have multiple containers, you can see all port mappings with:

docker ps --format "{{.Names}}: {{.Ports}}"

Output:

web-demo: 0.0.0.0:8080->80/tcp

This is useful when managing multiple containers with different port configurations.

Accessing Services Through Exposed Ports

Now that we understand how to inspect container ports, let us access the web server running in our container.

Testing Container Accessibility

Since we mapped port 80 of the container to port 8080 on the host, we can access the Nginx web server through port 8080.

Let us use the curl command to make a request to our web server:

curl localhost:8080

You should see the HTML of the Nginx welcome page:

<!DOCTYPE html>
<html>
  <head>
    <title>Welcome to nginx!</title>
    <style>
      html {
        color-scheme: light dark;
      }
      body {
        width: 35em;
        margin: 0 auto;
        font-family: Tahoma, Verdana, Arial, sans-serif;
      }
    </style>
  </head>
  <body>
    <h1>Welcome to nginx!</h1>
    <p>
      If you see this page, the nginx web server is successfully installed and
      working. Further configuration is required.
    </p>

    <p>
      For online documentation and support please refer to
      <a href="http://nginx.org/">nginx.org</a>.<br />
      Commercial support is available at
      <a href="http://nginx.com/">nginx.com</a>.
    </p>

    <p><em>Thank you for using nginx.</em></p>
  </body>
</html>

This confirms that we can access the Nginx web server running inside our container through the published port.

Running Multiple Services

Let us create another container with a different service and port mapping:

docker run -d --name redis-demo -p 6379:6379 redis

This command starts a Redis database container and maps its default port 6379 to the same port on the host.

Check the running containers:

docker ps

Output:

CONTAINER ID   IMAGE     COMMAND                  CREATED          STATUS          PORTS                    NAMES
a45df67e21b3   redis     "docker-entrypoint.s…"   10 seconds ago   Up 10 seconds   0.0.0.0:6379->6379/tcp   redis-demo
f7d483e51ef2   nginx     "/docker-entrypoint.…"   10 minutes ago   Up 10 minutes   0.0.0.0:8080->80/tcp     web-demo

Now we have two containers running different services, each with its own port mapping.

Managing Container Port Configurations

Now that we understand how to inspect and access containerized services, let us explore some additional port management concepts.

Common Port Management Scenarios

Here are some common scenarios you might encounter:

1. Changing Port Mappings

If port 8080 is already in use on your host, you can map to a different port:

docker stop web-demo
docker rm web-demo
docker run -d --name web-demo -p 8081:80 nginx

Now the Nginx container is accessible on port 8081:

curl localhost:8081

2. Binding to Specific Interfaces

Instead of binding to all interfaces (0.0.0.0), you can bind to a specific IP:

docker stop web-demo
docker rm web-demo
docker run -d --name web-demo -p 127.0.0.1:8080:80 nginx

This binds the container port only to the localhost interface, making it inaccessible from outside the host.

3. Using Random Host Ports

If you do not care which host port is used, let Docker assign one:

docker stop web-demo
docker rm web-demo
docker run -d --name web-demo -P nginx

The -P flag publishes all exposed ports to random ports on the host.

Check the assigned port:

docker port web-demo

Output:

80/tcp -> 0.0.0.0:49153

The exact port number will vary, but in this example, port 80 was mapped to port 49153.

Troubleshooting Common Port Issues

Here are solutions to common port-related issues:

  1. Port Already in Use: If you see an error like "port is already allocated", choose a different port:
docker run -d --name another-web -p 8082:80 nginx
  1. Container Cannot Connect to Host: If a container needs to connect to a service on the host, use the special Docker DNS name host.docker.internal instead of localhost:
docker run --rm alpine ping -c 2 host.docker.internal
  1. Checking Which Process Uses a Port: If a port is already in use on the host, find the process:
sudo lsof -i :8080

Cleaning Up

Let us clean up our containers:

docker stop web-demo redis-demo
docker rm web-demo redis-demo

Summary

In this lab, you have learned how to work with Docker container ports, including:

  • Understanding the difference between exposed and published ports
  • Running containers with specific port mappings
  • Inspecting container port configurations using various Docker commands
  • Accessing services running inside containers through mapped ports
  • Managing and troubleshooting common port-related scenarios

These skills are fundamental for working with Docker containers and are essential for deploying containerized applications in development and production environments. With this knowledge, you can now configure and manage the networking aspects of your Docker containers with confidence.

Related Docker Courses
Docker for Beginners

Docker for Beginners

dockerdevops
Docker Practice Challenges

Docker Practice Challenges

dockerdevops
Docker Practice Labs

Docker Practice Labs

dockerdevops