Skip to content

Access your Docker for Mac's internal networks from your macOS host machine

License

Notifications You must be signed in to change notification settings

v5tech/docker-mac-network

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

This solution allows you to access your Docker for Mac's internal networks directly from your macOS host machine, using OpenVPN.

Quickstart

To access your Docker networks:

  • Install Tunnelblick (open source macOS OpenVPN client that sits in your menubar)
  • Run docker-compose up. The first time it will take up to a minute to startup, because it needs to generate keys.
  • Doubleclick the generated docker-for-mac.ovpn in Finder (or run open docker-for-mac.ovpn in your terminal) to add it to Tunnelblick. You will find it in the current folder.
  • In Tunnelblick, connect to your new docker-for-mac profile.

You will now be able to access the internal Docker networks from macOS.

Implementation notes

The Compose configuration consists of two services, both based on the tiny Alpine Linux distribution.

openvpn

The OpenVPN image used is kylemanna/openvpn.

Both server-side and client-side configuration are automatically generated by helpers/run.sh, which calls the helper scripts in original image and adjust configuration for accessing the Docker for Mac networks only.

This service runs on TCP port 1194 using host networking, which means it has access to all Docker networks in the host VM.

Only the 172.16.0.0/20 private network is routed to Docker for Mac by the generated config. No DNS servers are set on the host.

The OpenVPN configuration (/etc/openvpn/*) is stored locally in ./config/ so that it survives Docker filesystem resets and allows for easy customization.

proxy

Since containers running in host networking mode in Docker for Mac cannot bind ports to make them accessible from macOS, we need an extra TCP proxy. This image uses socat to forward port 13194 to the OpenVPN container.

Tips

  • Add restart: always to both services in docker-compose.yml to have them automaticaly restart.
  • To route extra subnets, add extra route statements in your docker-for-mac.ovpn
  • To setup static IP addresses for containers, check the app_net examples in the Compose file reference
  • To regenerate all files, remove config/* and docker-for-mac.ovpn

About

Access your Docker for Mac's internal networks from your macOS host machine

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Shell 88.4%
  • Dockerfile 11.6%