Plesk Docker Extension, how to run in host networking mode - docker

I have a plesk system with the docker extension. I want to run my docker container in host networking mode.
Usually I would use this command
docker run ... --net=host ...
How can I do it with the extension?

Related

container not accessible when using --network host

I am writing a simple nodejs container to forward requests on localhost to a port, the container exposes port 4433
docker build . -t myproxy
When I run the container by publishing ports like
docker run --rm -p 4433:4433 myproxy
I am able to access my server through http://localhost:4433 as expected, but if I try to run the container with --network host, i.e.
docker run --rm --net host myproxy
I cannot access the container and get a site cannot be reached error.
Why is the container not binding to my host network?
If I provide both options, i.e.
docker run --rm --net host -p 4433:4433 myproxy
then I do get a warning on the console that
WARNING: Published ports are discarded when using host network mode
which means it does recognize that I am trying to use host network.
OS: Mac
From the Docker docs:
The host networking driver only works on Linux hosts, and is not supported on Docker Desktop for Mac, Docker Desktop for Windows, or Docker EE for Windows Server.

GitLab - Docker inside gitlab/gitlab-ce get errors

I'm running a gitlab/gitlab-ce container on docker. Then, inside it, I want to run a gitlab-runner service, by providing docker as runner. And for every single command that I run (e.g. docker ps, docker container ..), I get this error:
Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running
P.S.: I've tried service docker restart, reinstall docker and gitlab-runner.
By default it is not possible to run docker-in-docker (as a security measure).
You can run your Gitlab container in privileged mode, mount the socket (-v /var/run/docker.sock:/var/run/docker.sock) and try again.
Also, there is a docker-in-docker image that has been modified for docker-in-docker usage. You can read up on it here and create your own custom gitlab/gitlab-ce image.
In both cases, the end result will be the same, as docker-in-docker isn't really docker-in-docker but lets you manage the host's docker-engine from within a docker container. So just running the Gitlab-ci-runner docker image on the same host has the same result and is a lot easier.
By default the docker container running gitlab does not have access to your docker daemon on your host. The docker client uses a socket connection to communicate to the docker daemon. This socket is not available in your container.
You can use a docker volume to make the socket of your host available in the container:
docker run -v /var/run/docker.sock:/var/run/docker.sock gitlab/gitlab-ce
Afterwards you will be able to use the docker client in your container to communicate with the docker daemon on the host.
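The settings that come up in the threads on this page (privileged mode, a bind-mounted /var/run/docker.sock, host networking) can be listed per container from docker inspect JSON. The check below is an added example, not part of the original answers; the sample data, container names and paths in it are constructed.

```python
import json

# Constructed sample in the shape of `docker inspect` output (a JSON array).
# Container names and paths are made up for this example.
SAMPLE_INSPECT = json.loads("""
[
 {"Name": "/gitlab",
  "HostConfig": {"Privileged": true, "NetworkMode": "bridge"},
  "Mounts": [{"Type": "bind", "Source": "/var/run/docker.sock",
              "Destination": "/var/run/docker.sock", "RW": true}]},
 {"Name": "/myproxy", "Mounts": [],
  "HostConfig": {"Privileged": false, "NetworkMode": "host"}},
 {"Name": "/webapp",
  "HostConfig": {"Privileged": false, "NetworkMode": "bridge"},
  "Mounts": [{"Type": "bind", "Source": "/srv/dhcp/hosts",
              "Destination": "/etc/dhcp-hosts", "RW": true}]}
]
""")

# /var/run is a symlink to /run on most current distributions.
SOCKET_PATHS = {"/var/run/docker.sock", "/run/docker.sock"}


def audit_container(entry):
    """Return host-exposure findings for one `docker inspect` entry."""
    findings = []
    host_config = entry.get("HostConfig") or {}
    if host_config.get("Privileged"):
        findings.append("privileged")
    if host_config.get("NetworkMode") == "host":
        findings.append("host-network")
    for mount in entry.get("Mounts") or []:
        # Flagged even when RW is false: connecting to a socket is not a file write.
        if mount.get("Source") in SOCKET_PATHS:
            findings.append("docker-socket")
    return findings


def audit(inspect_output):
    """Map container name to findings, skipping containers with none."""
    report = {}
    for entry in inspect_output:
        findings = audit_container(entry)
        if findings:
            report[entry.get("Name", "?").lstrip("/")] = findings
    return report


if __name__ == "__main__":
    for name, findings in audit(SAMPLE_INSPECT).items():
        print(f"{name}: {', '.join(findings)}")
```

On a real host the input would be the JSON printed by docker inspect for the running containers instead of SAMPLE_INSPECT.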

Restart docker container from another container

I'm trying to set up Docker with two containers. One is a web app and the second is a dnsmasq DHCP server.
Docker should update the dnsmasq container and the dhcp ip list from an event from the web app. The only option I have so far is to generate the dhcp hosts file and restart the dnsmasq container, but it needs to be done manually in the Docker host outside the web app container.
Is there a way to restart the service from another container?
The only way to restart a container from another container would be to mount /var/run/docker.sock and use the API. But I wouldn't do that from a webapp for obvious security reasons.
I would share the dhcp hosts file between the containers (with the -v option) and have a script running in the dnsmasq container that checks for changes in this file and restarts the dnsmasq service in the container. There's no need to restart the container. You could use Supervisord to start dnsmasq and this script. I would use the --init flag to avoid zombie processes.
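The approach in this answer, as an added example that is not part of the original post: a small poller meant to run beside dnsmasq in its own container, so the web app only writes the shared file and never needs /var/run/docker.sock. It sends SIGHUP, which makes dnsmasq re-read the file given with --dhcp-hostsfile, rather than restarting the service; both file paths are assumptions.

```python
import hashlib
import os
import signal
import time

HOSTS_FILE = "/etc/dnsmasq.d/dhcp-hosts"  # assumed path of the shared file
PID_FILE = "/var/run/dnsmasq.pid"         # assumed pid file location


def file_digest(path):
    """SHA-256 of the file, or None while it is absent (e.g. being replaced)."""
    try:
        with open(path, "rb") as fh:
            return hashlib.sha256(fh.read()).hexdigest()
    except FileNotFoundError:
        return None


def watch(path, on_change, interval=2.0, max_polls=None, sleep=time.sleep):
    """Poll path and call on_change() whenever its content differs.

    Returns how many times on_change fired. max_polls and sleep exist so the
    loop can be bounded and driven in tests; by default it runs forever.
    """
    last, fired, polls = file_digest(path), 0, 0
    while max_polls is None or polls < max_polls:
        sleep(interval)
        polls += 1
        current = file_digest(path)
        # Ignore a momentarily missing file; react only to new content.
        if current is not None and current != last:
            on_change()
            fired += 1
            last = current
    return fired


def reload_dnsmasq(pid_file=PID_FILE):
    """Signal dnsmasq with SIGHUP so it re-reads its --dhcp-hostsfile."""
    with open(pid_file) as fh:
        os.kill(int(fh.read().strip()), signal.SIGHUP)


if __name__ == "__main__":
    watch(HOSTS_FILE, reload_dnsmasq)
```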
From your host:
docker run -it --rm -v /var/run/docker.sock:/var/run/docker.sock --name=xxx ubuntu bash
docker cp /usr/bin/docker xxx:/usr/bin/docker
Go inside the container and check unresolved libs:
ldd /usr/bin/docker
Manually copy missing libs from host into container and setup including symlinks as required. In my case I had to:
docker cp /usr/lib/x86_64-linux-gnu/libltdl.so.7.3.1 xxx:/usr/lib/x86_64-linux-gnu/libltdl.so.7.3.1
And then inside the container I had to:
ln -sf /usr/lib/x86_64-linux-gnu/libltdl.so.7.3.1 /usr/lib/x86_64-linux-gnu/libltdl.so.7
Inside the container check again:
ldd /usr/bin/docker
If all is well, you can now run docker inside the container.
Note that docker-compose ran right away when I copied it from host to container. Only for docker I had to copy the extra library and set up the symlinks.

Docker container doesn't expose ports when --net=host is mentioned in the docker run command

I have a CentOS docker container on a CentOS docker host. When I use this command to run the docker image docker run -d --net=host -p 8777:8777 ceilometer:1.x the docker container gets the host's IP but doesn't have ports assigned to it.
If I run the same command without "--net=host" docker run -d -p 8777:8777 ceilometer:1.x docker exposes the ports but with a different IP. The docker version is 1.10.1. I want the docker container to have the same IP as the host with ports exposed. I also have mentioned in the Dockerfile the instruction EXPOSE 8777 but with no use when "--net=host" is mentioned in the docker run command.
I was confused by this answer. Apparently my docker image should be reachable on port 8080. But it wasn't. Then I read
https://docs.docker.com/network/host/
To quote
The host networking driver only works on Linux hosts, and is not supported on Docker for Mac, Docker for Windows, or Docker EE for Windows Server.
That's rather annoying as I'm on a Mac. The docker command should report an error rather than let me think it was meant to work.
Discussion on why it does not report an error
https://github.com/docker/for-mac/issues/2716
Not sure I'm convinced.
The docker version is 1.10.1. I want the docker container to have same ip as the host with ports exposed.
When you use --net=host it tells the container to use the host's networking stack. So you can't expose ports to the host, because it is the host (as far as the network stack is concerned).
docker inspect might not show the exposed ports, but if you have an application listening on a port, it will be available as if it were running on the host.
On Linux, I have always used --net=host when myapp needed to connect to another docker container hosting PostgreSQL.
myapp reads an environment variable DATABASE in this example
Like Shane mentions this does not work on MacOS or Windows...
docker run -d -p 127.0.0.1:5432:5432 postgres:latest
So my app can't connect to my other docker container:
docker run -e DATABASE=127.0.0.1:5432 --net=host myapp
To work around this, you can use host.docker.internal instead of 127.0.0.1 to resolve your host's IP address.
Therefore, this works
docker run -e DATABASE=host.docker.internal:5432 -d myapp
Hope this saves someone time!

Pass --net=host to docker build

To pass other options to docker build, you can specify DOCKER_OPTS in /etc/default/docker, however --net is not available. Is it possible to use the host's networking stack when building a container?
I'm running Docker version 1.3.2, build 39fa2fa.
Thanks!
Try --network instead of --net. It is new in the 1.25 API and sets the networking mode for the RUN instructions.
To solve the problem, configure the docker daemon to use your company DNS server. For instance, if your resolv.conf has the following configuration:
$> cat /etc/resolv.conf
domain mycompany
search mycompany
nameserver 10.123.123.123
Change /etc/default/docker to contain the following:
DOCKER_OPTS="--dns 10.123.123.123"
And restart docker daemon with:
sudo service docker restart
Now, containers will have access to the intranet during the build operation.
Related answer: Dockerfile: Docker build can't download packages: centos->yum, debian/ubuntu->apt-get behind intranet
From the newest versions (currently docker ce v17) it is possible to add --network=host to your docker build command which is similar to --net=host when using docker run!
