Can't access publicly exposed Docker container port from external machine, only from localhost?

I have a Docker container running on my Ubuntu Linux 14.04 machine that exposes a port publicly:

docker run --name spacyapi -d -p jgontrum/spacyapi:en

I can connect and execute commands against the server in the container without problem from the local machine. For example:

  • Round Robin Behaviour of Docker SWARM container not working across multiple hosts
  • How to remove all docker volumes?
  • Create dynamic environment variables at build time in Docker
  • How to run mvn sonar:sonar using jhipster and sonar in docker containers
  • Docker root access to host system
  • Dynamic mount point for Shared Volume Containers
  • curl http://localhost:7091/api --header 'content-type: application/json' --data '{"text": "This is a test."}' -X POST

    The command executes faithfully. However, if I try the same CURL command from an external machine I get a “connection refused” error:

    curl --header 'content-type: application/json' --data '{"text": "This is a test."}' -X POST
    curl: (7) Failed to connect to port 7091: Connection refused

    Where is the IP address of the box running the Docker container.

    I don’t think I need any iptables rules because I didn’t need to set any up for the Node.JS server running on the same box. All the other computers on my local network can access the Node.JS server just fine. But not the Docker container acting as a server.

    How can I fix this?

  • Can't attach terminal to a running container in docker
  • Docker CLI env var value override not respected by container on startup
  • Docker volume conflict
  • How to increase Docker container default size?
  • How can I create containers at time of instance creation from my project container images
  • How do I attach to a running Docker container later?
  • 2 Solutions collect form web for “Can't access publicly exposed Docker container port from external machine, only from localhost?”

    You didn’t publicly publish your port with this flag:


    That flag says to publish on the host interface (localhost), port 7091 to the containers port 7091. The only way to reach that port is to be on the host and connect to the loopback interface.

    To publicly publish the port, remove the IP from that flag:

    -p 7091:7091

    or explicitly publish to all interfaces with:


    The latter format is identical to the first one as long as you haven’t overridden your docker daemon settings with dockerd --ip x.x.x.x or setting the ip value in your /etc/docker/daemon.json file.

    I don’t think the container’s IP is Try doing docker inspect <container-uid> | grep IPAddress to check what the IP of the container is. I believe it should be something like 172.17.0.X.

    Also you could just do docker run -d --network=host <image> which stacks the container on top of the host network.

    Container are just something on top of the host, the host is the one that is actually communicating with the outside.

    Docker will be the best open platform for developers and sysadmins to build, ship, and run distributed applications.