How to Monitor Docker Container Network Connections with check-docker-connection
The guide explains what the check-docker-connection utility does, its key features, required environment, command‑line options, and provides step‑by‑step examples for monitoring single or multiple Docker containers and displaying the top N containers by network connections, helping users analyze network performance and troubleshoot issues.
The check-docker-connection utility monitors Docker container network connections, showing TCP and UDP connection counts and various connection states.
What is check-docker-connection
It lists the network connection status of specified containers, including ESTABLISHED, TIME_WAIT, FIN_WAIT2, CLOSE_WAIT, LISTEN, SYN_SENT, SYN_RECV, and UDP connection numbers. Users can specify containers by ID or name, or request the top N containers with the most connections. Results are displayed in a table for easy reading.
Main features
ESTABLISHED connections
TIME_WAIT connections
FIN_WAIT2 connections
CLOSE_WAIT connections
LISTEN state
SYN_SENT state
SYN_RECV state
UDP connection count
Environment requirements
Docker installed on the host netstat and nsenter commands (usually provided by the net-tools and util-linux packages)
Command‑line arguments
-c: specify one or more container IDs or names (comma‑separated) -n: show the top N containers with the most connections
Note: -c and -n cannot be used together.
Running the tool
$ docker run --rm -v /var/run/docker.sock:/var/run/docker.sock --pid=host --net=host --privileged 80imike/check-docker-connectionImportant flags:
The container needs access to the Docker socket, so /var/run/docker.sock is mounted. --pid=host and --net=host allow the container to see the host’s process and network namespaces. --privileged enables the use of nsenter inside the container.
Usage examples
Example 1 – monitor a single container
$ docker run --rm -v /var/run/docker.sock:/var/run/docker.sock --pid=host --net=host --privileged 80imike/check-docker-connection -c traefikThis prints all network connection states for the container named traefik.
Example 2 – monitor multiple containers
$ docker run --rm -v /var/run/docker.sock:/var/run/docker.sock --pid=host --net=host --privileged 80imike/check-docker-connection -c traefik,splayerShows the network connections for both traefik and splayer containers.
Example 3 – top N containers by connections
$ docker run --rm -v /var/run/docker.sock:/var/run/docker.sock --pid=host --net=host --privileged 80imike/check-docker-connection -n 3Displays the three containers with the highest number of network connections.
These examples demonstrate how to quickly inspect Docker container network states for performance analysis and troubleshooting.
Signed-in readers can open the original source through BestHub's protected redirect.
This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contactand we will review it promptly.
Liangxu Linux
Liangxu, a self‑taught IT professional now working as a Linux development engineer at a Fortune 500 multinational, shares extensive Linux knowledge—fundamentals, applications, tools, plus Git, databases, Raspberry Pi, etc. (Reply “Linux” to receive essential resources.)
How this landed with the community
Was this worth your time?
0 Comments
Thoughtful readers leave field notes, pushback, and hard-won operational detail here.