I solved the problem eventually.
By default the network ip for transport is 127.0.0.1 rather than 0.0.0.0. Because it's only listening to 127.0.0.1 rahter than all interfaces, when accessing from outside the container, the transport is not accessible. So I set it to 0.0.0.0.
The problem following this is reseting the ip address triggers the bootstrap checks, which fail due to map counts check. Running "sysctl -w vm.max_map_count=262144" solves the problem.