How to determine bridge IP of docker swarm container

I’m trying to set up a framework, using docker swarm, where I can connect from an external system (via ssh or whatever) into a specific service’s container. So, I’m able to do this using something like:

ssh -o ProxyCommand="ssh ubuntu@ nc 22" -l root foo

Here is one of the swarm nodes and I then connect to the gateway bridge address ( for that specific container.

  • What's the main advantage of using replicas in Docker Swarm Mode?
  • INFO: I/O exception ( caught when processing request to {}->unix://localhost:80: Permission denied
  • Docker swarm run tasks only in workers
  • Installing Docker on Windows Server 2016 at Google Cloud Platform
  • How to access mysql that which is in docker container from another host machine?
  • Bcrypt installation fails in Docker
  • In order to provide some automation around this I’d like to be able to inspect whatever docker object in order to map a containers’ ID to its bridge IP. I’d like to create a mapping of something like:

      container_id: {
        swarm_node: <Swarm node IP>,
        bridge_ip:  <Container's bridge IP>

    However, I cannot see any kind of struct which shows the bridge info for a specific container. I can always exec into a given container and run ifconfig but I was hoping to avoid that.

    Any pointers appreciated!

  • Get debug informations from docker container which runs a tomcat server
  • SaltStack: dockerng is not available
  • How do I run a docker container by its container name?
  • run /usr/sbin/sshd in a Dockerfile does not work
  • Docker container not starting
  • Visual Studio Docker Tools how to force a container rebuild from scratch
  • One Solution collect form web for “How to determine bridge IP of docker swarm container”

    Try starting with this:

    docker service ls -q \
    | xargs docker service ps -f desired-state=running -q \
    | while read task_id; do 
      docker inspect -f '{{printf "%.12s" .Status.ContainerStatus.ContainerID }}:
      { swarm_node: {{.NodeID}},
        bridge_ip: {{range .NetworksAttachments}}{{if ne "ingress" .Network.Spec.Name }}{{.Addresses}}{{end}}{{end}}
      }' $task_id

    You may need to cleanup the container IP a bit since it’s coming out as a list of IP’s in with a bit length included. And the swarm node is actually the node id, not the node IP. I also hardcoded the exclusion for “ingress”, not sure if there’s a cleaner way.

    To map node ID’s to IP addresses, here’s another one to work with:

    docker node ls -q \
    | xargs docker node inspect -f '{ {{.ID}}: {{.Status.Addr}} }'
    Docker will be the best open platform for developers and sysadmins to build, ship, and run distributed applications.