When using Docker, ESTABLISHED connections don't appear in netstat

You can either do:

docker exec <containerid> netstat -tan | grep ESTABLISHED

or if you don't have netstat in your docker image:

docker inspect -f '{{.State.Pid}}' <containerid> # note the PID
sudo nsenter -t <pid> -n netstat | grep ESTABLISHED

nsenter is part of util-linux package. (plagiarized @larsks)

You may use this snippet to get all the ESTABLISHED for all dockers in one row (if you got nsenter)

docker inspect --format '{{.State.Pid}} {{printf "%.13s" .ID}} {{.Name}}' \
$(docker ps --format '{{.ID}}') | while read dockpid dockid dockname
    do
    echo $dockid $dockname
    sudo nsenter -t $dockpid -n netstat -pan | grep ESTABLISHED
done

note the ESTABLISHED in the grep.

you can change to the listening connection with netstat -pnl both TCP and UDP

docker inspect --format '{{.State.Pid}} {{printf "%.13s" .ID}} {{.Name}}' \
$(docker ps --format '{{.ID}}') | while read dockpid dockid dockname
    do
    echo $dockid $dockname
    sudo nsenter -t $dockpid -n netstat -pnl
done

or only TCP LISTEN

docker inspect --format '{{.State.Pid}} {{printf "%.13s" .ID}} {{.Name}}' \
$(docker ps --format '{{.ID}}') | while read dockpid dockid dockname
    do
    echo $dockid $dockname
    sudo nsenter -t $dockpid -n netstat -pnlt
done

When using Docker, ESTABLISHED connections don't appear in netstat

Tags:

Docker

Sockets

Netstat

Related

Recent Posts