Access host database from a docker container
Master System Design with Codemia
Enhance your system design skills with over 120 practice problems, detailed solutions, and hands-on exercises.
Accessing a host database from a Docker container is a common requirement for developers who are incorporating Docker into their development workflows. Docker containers isolate applications from the host system, providing a consistent environment across different systems and enhancing dependency management. However, this isolation can also complicate interactions with services on the host machine, such as databases. This article will describe how to configure a Docker container to access a database service running on a host machine, accompanied by technical explanations and examples.
Understanding Docker Networking
To successfully connect to a host database from a Docker container, it’s essential to understand Docker’s networking capabilities. Docker provides several network drivers which dictate how containers can communicate with each other and with the host:
- Bridge Network: The default network driver for containers. Containers on the same network can communicate with each other via internal IP addresses.
- Host Network: Removes network isolation between the container and the Docker host. The container shares the host's networking namespace.
- None: The container has no network access.
- Overlay Network: Used for Docker Swarm services across multiple hosts.
Which Network to Use?
For accessing a host database, we typically use the Bridge network, as it ensures container isolation while allowing outbound communication to external services, including databases running on the host.
Configuring Connection to Host Database
Here’s a step-by-step guide for accessing a PostgreSQL database running on the host from within a Docker container.
Step 1: Obtain Host IP Address
To connect to the host database, you first need to acquire the host’s IP address within the context of Docker. By default, Docker provides an automatic way to reference the host:
- Use the special DNS name
host.docker.internal(on Mac and Windows) to point to the host’s IP address from within the container.
For Linux, this special DNS name isn’t available by default. Instead, you can configure it by adding a custom network or using the --add-host flag when starting the container.
Step 2: Database and Docker Configuration
Assuming PostgreSQL is running on the default port 5432, ensure that your database server is configured to accept connections from the Docker container.
- PostgreSQL’s configuration file,
postgresql.conf, should be configured to listen on all interfaces typically set bylisten_addresses = '*'. - The
pg_hba.conffile should include a rule allowing the container’s internal IP range access.
Step 3: Connect from Inside the Container
We can now launch a Docker container with the necessary configuration to communicate with the host machine.
Docker Run Command with Networking:
Note: In this command, we’re using the --network host mode for simplicity. You can omit it if your Docker architecture is more complex.
Step 4: Validate the Connection
Once the container is running, attempt to connect to the host PostgreSQL database by specifying the special DNS host.docker.internal within your database connection string or as an environment variable.
Security Considerations
When allowing Docker containers to access host resources, maintain security operations to protect sensitive data.
- Network Segmentation: Protect unwanted access by limiting containers to only access necessary services.
- Environment Variables: Store credentials securely and avoid hardcoding.
- Firewall Rules: Configure the host's firewall to allow traffic from Docker subnets and block unauthorized access.
Troubleshooting Common Issues
If you encounter difficulties accessing the host database, consider the following:
- DNS Resolution Failures: Verify if the container can resolve
host.docker.internal. - Invalid Credentials: Double-check database user credentials and access permissions.
- Firewall Restrictions: Ensure the host firewall isn't blocking connections from Docker containers.
- Database Configuration: Reassess PostgreSQL’s configuration files,
postgresql.confandpg_hba.conf.
Summary Table
| Item | Linux Recommendation | Mac/Windows Recommendation |
| Access Method | --add-host=host.docker.internal:<host_ip> with bridge
network or use custom solution | DNS name host.docker.internal |
| Network Mode | Bridge or Host | Bridge or Host |
| Database Connection String | Use host IP in string | Use host.docker.internal |
| Diagnostics | Check IP tables and logs Check Docker's DNS configuration | Use docker inspect <container> for logs |
By following the instructions above, you should be able to configure Docker containers to access databases running on your host machine, enhancing the utility of containers in a collaborative development environment. Always consider security implications and adhere to best practices when exposing database services across network boundaries.

