IP addresses of docker containers not being identified or registered by VMware tools on a Virtual Machine running Docker
Article ID: 329059
Updated On:
Products
VMware vSphere ESXi
Issue/Introduction
This article provides steps to resolve this issue, and to allow for network connectivity to be established to the underlying docker containers that are being managed by a VM.
Symptoms:
Symptoms:
- Docker container IPs running on a Virtual Machine are not being picked up or identified by VMware tools.
- Connectivity to the VM managing the docker containers can be established; however, the docker containers themselves cannot be reached over the network.
- Regardless of the guest OS of the managing VM (linux, windows, macOS, FreeBSD, etc..), IP detection and network access to the docker containers cannot be established.
Cause
- By default, recent versions of VMware tools are set to mask the docker network interfaces from being detected on a Virtual Machine.
- This is due to the fact that, at present, VMware tools does not detect or report containers to the vSphere environment.
- This is due to the fact that, at present, VMware tools does not detect or report containers to the vSphere environment.
Resolution
- To override the default setting that masks docker network interfaces, changes must be made to the tools.conf file of the guest-OS that is running the docker containers
- To see the default location for tools.conf on various guest OSes, please refer to the following article:
- Note: If the tools.conf file does not exist on your VM, it must be manually created in the correct directory (seen in above reference article)
- Even if tools.conf does not yet exist on your VM, VMware tools is loaded with the following configuration in place:
[guestinfo]
exclude-nics=veth*,docker*,virbr*
exclude-nics=veth*,docker*,virbr*
- Add the above lines to the new or existing tools.conf file, but then remove the "docker*" from the "exclude-nics" parameter.
- For example:
- exclude-nics=veth*,virbr*
- To remove all network interface detection masking, leave exclude-nics blank, such as:
- exclude-nics=
- For example:
- Save the file, and then restart the VMware tools service (or reboot the guest OS).
- The underlying docker containers should now be accessible over the network.
- The docker IPs should now be detected and listed under "IP Addresses:" on the summary tab of the VM that is managing the docker containers.
Additional Information
Review the following VMware article for a more detailed description of the "exclude-nics" parameter that disables certain types of network adapters from detection by VMware tools, by default
https://docs.vmware.com/en/VMware-Tools/10.3.0/com.vmware.vsphere.vmwaretools.doc/GUID-ECCF9D01-3666-40CE-B9FD-7EE0738AB5D9.html
A 3rd party article also discusses vNIC exclusion, and vNIC priority re-ordering, in greater detail:
https://www.virtuallyghetto.com/2017/12/vmware-tools-10-2-0-enables-virtual-machine-vnic-exclusion-and-priority-re-ordering.html
https://docs.vmware.com/en/VMware-Tools/10.3.0/com.vmware.vsphere.vmwaretools.doc/GUID-ECCF9D01-3666-40CE-B9FD-7EE0738AB5D9.html
A 3rd party article also discusses vNIC exclusion, and vNIC priority re-ordering, in greater detail:
https://www.virtuallyghetto.com/2017/12/vmware-tools-10-2-0-enables-virtual-machine-vnic-exclusion-and-priority-re-ordering.html
Feedback
Yes
No
Powered by
