Assign static IP to Docker container


I'm now trying to assign a static IP when a Docker container be started up.

I use port 2122 as the ssh port of this container so that I let this container listen port 2122.

sudo docker run -i -t -p 2122:2122 ubuntu

This command will run a Docker container with a random IP like, but I need to assign a specific IP to the container.

The following shell script is what I reference Docker documentation in advanced network settings.

pid=$(sudo docker inspect -f '{{.State.Pid}}' <container_name> 2>/dev/null)
sudo rm -rf /var/run/netns/*
sudo ln -s /proc/$pid/ns/net /var/run/netns/$pid
sudo ip link add A type veth peer name B
sudo brctl addif docker0 A
sudo ip link set A up
sudo ip link set B netns $pid
sudo ip netns exec $pid ip link set eth0 down
sudo ip netns exec $pid ip link delete eth0
sudo ip netns exec $pid ip link set dev B name eth0
sudo ip netns exec $pid ip link set eth0 address 12:34:56:78:9a:bc
sudo ip netns exec $pid ip link set eth0 down
sudo ip netns exec $pid ip link set eth0 up
sudo ip netns exec $pid ip addr add dev eth0
sudo ip netns exec $pid ip route add default via

This shell script will assign a static IP and link to the world fine. But whenever I try to ssh to this container from my local, it didn't work. What's the problem possibly I met?

7/1/2016 4:49:50 PM

For docker-compose you can use following docker-compose.yml

version: '2'
    image: nginx
    container_name: nginx-container
        - subnet:
          #docker-compose v3+ do not use ip_range

from host you can test using:

docker-compose up -d

Modern docker-compose does not change ip address that frequently.

To find ips of all containers in your docker-compose in a single line use:

for s in `docker-compose ps -q`; do echo ip of `docker inspect -f "{{.Name}}" $s` is `docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' $s`; done

If you want to automate, you can use something like this example gist


Not a direct answer but it could help.

I run most of my dockerized services tied to own static ips using the next approach:

  1. I create ip aliases for all services on docker host
  2. Then I run each service redirecting ports from this ip into container so each service have own static ip which could be used by external users and other containers.


docker run --name dns --restart=always -d -p dns
docker run --name registry --restart=always -d -p registry
docker run --name cache --restart=always -d -p -v /data/cache:/var/cache/apt-cacher-ng cache
docker run --name mirror --restart=always -d -p -v /data/mirror:/usr/share/nginx/html:ro mirror

This works for me.

Create a network with docker network create --subnet= selnet

Run docker image docker run --net selnet --ip hub

At first, I got

docker: Error response from daemon: Invalid address It does not belong to any of this network's subnets.
ERRO[0000] error waiting for container: context canceled

Solution: Increased the 2nd quadruple of the IP [.18. instead of .17.]


I stumbled upon this problem during attempt to dockerise Avahi which needs to be aware of its public IP to function properly. Assigning static IP to the container is tricky due to lack of support for static IP assignment in Docker.

This article describes technique how to assign static IP to the container on Debian:

  1. Docker service should be started with DOCKER_OPTS="--bridge=br0 --ip-masq=false --iptables=false". I assume that br0 bridge is already configured.

  2. Container should be started with --cap-add=NET_ADMIN --net=bridge

  3. Inside container pre-up ip addr flush dev eth0 in /etc/network/interfaces can be used to dismiss IP address assigned by Docker as in following example:

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
    pre-up ip addr flush dev eth0
  1. Container's entry script should begin with /etc/init.d/networking start. Also entry script needs to edit or populate /etc/hosts file in order to remove references to Docker-assigned IP.

You can set the IP while running it.

docker run --cap-add=NET_ADMIN -dit imagename /bin/sh -c "/sbin/ip addr add dev eth0; bash"

See my example at