'Docker: any way to list open sockets inside a running docker container?
I would like to execute netstat inside a running docker container to see open TCP sockets and their statuses. But, on some of my docker containers, netstat is not available. Is there any way to get open sockets (and their statuses, and which IP addresses they are connected to if any) without using netstat, via some docker API? (BTW, my container uses docker-proxy - that is, not directly bridged)
I guess I could look at /proc file system directly, but at that point, I might as well docker cp netstat into the container and execute it. I was wondering if there was any facility that docker might provide for this.
Solution 1:[1]
The two commands from @larsks answer merged into one-liner - no need to copy-paste the PID(s) (just replace container_name_or_id):
sudo nsenter -t $(docker inspect -f '{{.State.Pid}}' container_name_or_id) -n netstat
Solution 2:[2]
If you have iproute2 package installed, you can use
sudo nsenter -t $(docker inspect -f '{{.State.Pid}}' container_name_or_id) -n ss
or
sudo nsenter -t $(docker inspect -f '{{.State.Pid}}' container_name_or_id) -n ss -ltu
It will show TCP and UDP
Solution 3:[3]
If you want them all (all containers) try this.
$ for i in `docker ps -q` ; do sudo nsenter -t $(docker inspect -f '{{.State.Pid}}' $i) -n netstat ; done
Solution 4:[4]
I tried the other solutions and it didn't work for me by my colleague gave me this solution. Thought I would mention it here for others like me and for me to refer to later lol.
docker exec -it [container name] bash
grep -v “rem_address” /proc/net/tcp
Solution 5:[5]
docker inspect <container_id>
- Look for "ExposedPorts" in "Config"
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|---|
| Solution 1 | |
| Solution 2 | dagelf |
| Solution 3 | Don Richards |
| Solution 4 | Jimmy |
| Solution 5 | Stephen O'Flynn |