[stork-users] Stork Agent STORK_AGENT_HOST inside Docker

Slawek Figiel slawek at isc.org
Mon Jan 19 09:20:38 UTC 2026 

Hi Michael!

 > For registration and to generate the self-signed certificates, it 
needs to be set to the host IP address

It is not true. The STORK_AGENT_HOST must be set to the agent's hostname 
or IP address. This address must be accessible to the Stork server; it 
means the server must be able to connect to the agent on 
STORK_AGENT_HOST:STORK_AGENT_PORT.

If you run the Stork server in a Docker container, STORK_AGENT_HOST can 
be set to the service name (if Docker Compose is used), the container's 
hostname, or the container's IP address on the network shared between 
the agent and server.

See the "docker/docker-compose.yaml" file in the Stork repository for an 
example. We use this Docker compose file to run our public demo.

It is also possible to set up the agent (and Kea/BIND9) in containers 
and run the Stork server directly on the host. In this case, the 
STORK_AGENT_HOST variable should be set to the hostname assigned to the 
container, and you need to add a mapping from that hostname to localhost 
(127.0.0.1) in the host's "/etc/hosts" file.

Don't hesitate to ask for more details if you encounter any further 
problems.

Best regards
Slawek Figiel

On 1/19/26 7:36 AM, Michael Salathe wrote:
> Hi
> 
> I’m running KEA and BIND9 on multiple hosts using docker.
> 
> When I was trying to add stork-agent to those, I run into a problem with 
> the STORK_AGENT_HOST variable:
> 
>   * For registration and to generate the self-signed certificates, it
>     needs to be set to the host IP address
>   * To start the agent webserver it needs to be set to the docker
>     container IP address(used with net.Listen() )
> 
> I couldn’t really find a solution for this, although I imagine other 
> people must run into this problem as well.
> 
> What I found is this post, suggesting to use custom certificates. Which 
> is described as “a bit hard to use.”
> https://lists.isc.org/mailman/htdig/stork-users/2025-April/000434.html 
> <https://lists.isc.org/mailman/htdig/stork-users/2025-April/000434.html>
> 
> And I found this issue that was moved to the backlog in 2023:
> 
> https://gitlab.isc.org/isc-projects/stork/-/issues/1149 <https:// 
> gitlab.isc.org/isc-projects/stork/-/issues/1149>
> 
> What I ended up doing is replace the host part in this segment with 
> “0.0.0.0”. This allows it to listen on the container IP,
> 
> but uses the STORK_AGENT_HOST for everything else:
> 
> https://github.com/isc-projects/stork/ 
> blob/2ad80e27f71237b0930f36e977ad8f4af726934e/backend/agent/ 
> agent.go#L912 <https://github.com/isc-projects/stork/ 
> blob/2ad80e27f71237b0930f36e977ad8f4af726934e/backend/agent/agent.go#L912>
> 
> I’m wondering if there is an easy solution for this that I am not seeing?
> 
> Thanks,
> 
> Michael
> 
>

More information about the Stork-users mailing list