Introduction
Docker is a utility that lets you create a container for running applications. A Docker container is a fully-contained virtual machine.
This guide will show you three methods to SSH into a Docker container and run commands.
Prerequisites
- A Linux system running Docker
- Preconfigured containers loaded and running
- Access to a terminal window/command prompt (Ctrl+Alt+T or Ctrl+Alt+F2)
- A user account with sudo privileges
Method 1: Use docker exec to Run Commands in a Docker Container
The docker exec
command runs a specified command within an already running container. You can use it to SSH into a Docker container by creating a bash shell (a shell where you can type commands).
The basic syntax for using docker exec
to run a command in containers is:
docker exec [options] [container] [command]
Start by pulling a Docker image if you haven’t already. For example, you can load Nginx:
sudo docker pull nginx
Then, run the image:
sudo docker run ––name nginx–test –d nginx
List all running containers to verify:
sudo docker ps
You should now see your nginx-test image loaded.
To get access and run commands in that Docker container, type the following:
sudo docker exec –it nginx-test /bin/bash
Now, you are logged in to the nginx-test container. Therefore, any commands you enter will perform in that container. The –i
option specifies interactive, and the –t
enables a terminal typing interface.
Method 2: Use the docker attach Command to Connect to a Running Container
The docker attach
command links a local input, output, and error stream to a container. By default, it launches in a bash shell. To connect to a running container, enter the following:
sudo docker attach container_Name
In the example below, the system will connect to the nginx-test container:
sudo docker attach nginx-test
Once the command is executed, you will be working in the container. Any commands you run will affect the virtual Docker environment.
Method 3: Use SSH to Connect to a Docker Container
You can connect to a Docker container using SSH (Secure Shell). Normally, SSH is used to connect remotely over a network to a server. The technology works the same when connecting to a virtual Docker container on your system.
Important: We do not recommend this method, since it inflates the image beyond the normal scope. You will need to have an image with SSL already configured for this to work.
Step 1: Enable SSH on System
Start by installing and enabling the SSH service:
sudo apt-get install ssh
sudo systemctl ssh start
sudo systemctl ssh enable
service ssh status
yum –y install openssh-server openssh-clients
service sshd start
service sshd enable
service sshd status
Step 2: Get IP Address of Container
Get the container’s IP address by using the docker inspect
command and filtering out the results.
For modern Docker engines, use the command:
sudo docker inspect -f "{{ .NetworkSettings.IPAddress }}" container_name
For older Docker engines, run:
docker inspect -f '{{range.NetworkSettings.Networks}}{{.IPAddress}}{{end}}' container_name
The system will display the IP address as seen in the image above.
Note: The targeted docker container must be running to be able to get its IP address. If you need to start an existing docker container, run sudo docker start container_name
.
Step 3: SSH Into Docker Container
Ping the IP address to make sure it’s available:
ping –c 3 172.17.0.2
Use the SSH tool to connect to the image:
ssh root@172.17.0.2
The system should prompt for a password of the root user for that container. If it says Connection refused, likely the container is not provisioned for SSH. If the prompt changes, you are now connected via SSH, and can run commands in the container.
Conclusion
Docker containers are lightweight and transitional, so a traditional SSH connection isn’t recommended. The recommended method to run commands in a Docker container is either docker exec
or docker attach
.
If you are provisioning multiple remote virtual machines, you could use the docker-machine ssh
command to connect to a virtual machine through Docker. For most users, the first two command methods are recommended.