Forum Discussion

chanev's avatar
chanev
Copper Contributor
Jan 19, 2021

docker - Azure Container Instance - how to make my container accesable and recognized from outside?

 

I have windows container which should access to external VM database (that is not in container, lets say VM1) so I would define for them l2bridge network driver in order to use the same Virtual Network.

docker network create -d "l2bridge" --subnet 10.244.0.0/24 --gateway 10.244.0.1 
-o com.docker.network.windowsshim.vlanid=7 
-o com.docker.network.windowsshim.dnsservers="10.244.0.7" my_transparent

So I suppose we need to stick on this definitely. But now as well I need to make my container accessible from outside, on port 9000, from other containers as well as from other VMs. I suppose this has to be done based on its name (host name) since IP will be changed after the each restart. How I should make my container accessible from some other VM2 virtual machine - Should I do any modifications within the network configuration? Or I just to make sure they are both using the same DNS server? Of course I will do the expose of the port, but should I do any kind of additional network configuration in order to allow traffic on that specific port? I've read that by default network traffic is not allowed and that Windows may block some thing.

I will appreciate help on this. Thanks

2 Replies

  • avalynn1133's avatar
    avalynn1133
    Copper Contributor
    Dec 06, 2025

    Hi, you are on the right track. When the container gets a new IP each time, you should not depend on it. The easiest way is to make sure the container is in the same network and that your DNS can resolve its name.

    You should also check that the port you want (9000) is open in the container and on the Windows firewall. Sometimes Windows blocks traffic by default, so you may need to allow that port.

    If the other VM is in the same virtual network and uses the same DNS, it should see the container by its hostname. Just make sure the network rules and firewall rules allow the traffic.

    Hope this helps and works for you!

  • Kidd_Ip's avatar
    Kidd_Ip
    MVP
    Dec 06, 2025

    To enable external access to a Windows container on port 9000, the container should be connected to the l2bridge network so that it resides within the same subnet as the associated virtual machines. The port must be explicitly exposed and published during container execution, and appropriate DNS records or static hostnames should be configured to ensure that other VMs can reliably resolve the container’s name. Additionally, Windows firewall policies must be updated to permit inbound traffic on port 9000. Because container IP addresses are reassigned on restart, relying solely on dynamic IPs is not a sustainable approach; a DNS or static endpoint is required for consistent accessibility.

     

    Connect container endpoints to a tenant virtual network | Microsoft Learn

Resources