The Docker API proxy automatically attaches containers to the Weave network when they are started using the ordinary Docker command-line interface or the remote API.

Attaching Containers to a Weave Network

There are three ways to attach containers to a Weave network (which method to use is entirely up to you):

1. The Weave Net Docker API Proxy. See Setting Up the Weave Net Docker API Proxy.

2. The Docker Network Plugin framework. The Docker Network Plugin is used when Docker containers are started with the –net flag, for example:

docker run --net <docker-run-options>


Note that if a Docker container is started with the –net flag, then the Weave Docker API Proxy is automatically disabled and is not used to attach containers. See Integrating Docker via the Network Plugin (Legacy) and Integrating Docker via the Network Plugin (V2).

3. Containers can also be attached to the Weave network with weave attach commands. This method also does not use the Weave Docker API Proxy. See Dynamically Attaching and Detaching Containers.

Setting Up The Weave Net Docker API Proxy

The proxy sits between the Docker client (command line or API) and the Docker daemon, and intercepts the communication between the two. It is started along with the router and weaveDNS when you run:

host1$ weave launch

N.B.: Prior to version 2.0, the launch-proxy command allowed to pass configuration options and to start the proxy independently. This command has been removed in 2.0 and launch now also accepts configuration options for the proxy.

By default, the proxy decides where to listen based on how the launching client connects to Docker. If the launching client connected over a UNIX socket, the proxy listens on /var/run/weave/weave.sock. If the launching client connects over TCP, the proxy listens on port 12375, on all network interfaces. This can be adjusted using the -H argument, for example:

host1$ weave launch -H tcp://

If no TLS or listening interfaces are set, TLS is auto-configured based on the Docker daemon’s settings, and the listening interfaces are auto-configured based on your Docker client’s settings.

Multiple -H arguments can be specified. If you are working with a remote docker daemon, then any firewalls in between need to be configured to permit access to the proxy port.

All docker commands can be run via the proxy, so it is safe to adjust your DOCKER_HOST to point at the proxy. Weave Net provides a convenient command for this:

host1$ eval $(weave env)
host1$ docker ps

The prior settings can be restored with

host1$ eval $(weave env --restore)

Alternatively, the proxy host can be set on a per-command basis with

host1$ docker $(weave config) ps

The proxy can be stopped, along with the router and weaveDNS, with

host1$ weave stop

If you set your DOCKER_HOST to point at the proxy, you should revert to the original settings prior to running stop.

See Also