If I run docker container using the host network (--network host), for any services running in the container their exposed port can be directly accessed from host right?
I always thought so until I'm running docker container using the host network under Windows --
The ip a s eth0 shows that my container IP address is 192.168.65.3
The route | awk '/^default/ { print $2 }' gives 192.168.65.1
However, my host machine has an IP of 10.66.xx.xx
I.e., the container IP address and host IP are completely different. Unlike what the https://www.metricfire.com/blog/understanding-dockers-net-host-option/ says.
Anyway, if I'm running any services in the container, how to expose their port so that they can be directly accessed from host? (I thought with host network (--network host), you no longer need to map port from container to host)
thx
docker version
Client: Docker Engine - Community
Version: 19.03.8
API version: 1.40
Go version: go1.12.17
Git commit: afacb8b
Built: Wed Mar 11 01:23:10 2020
OS/Arch: windows/amd64
Experimental: false
Server: Docker Engine - Community
Engine:
Version: 19.03.8
API version: 1.40 (minimum version 1.12)
Go version: go1.12.17
Git commit: afacb8b
Built: Wed Mar 11 01:29:16 2020
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: v1.2.13
GitCommit: 7ad184331fa3e55e52b890ea95e65ba581ae3429
runc:
Version: 1.0.0-rc10
GitCommit: dc9208a3303feef5b3839f4323d9beb36df0a9dd
docker-init:
Version: 0.18.0
GitCommit: fec3683
Host networking is not supported on Windows:
The host networking driver only works on Linux hosts, and is not supported on Docker Desktop for Mac, Docker Desktop for Windows, or Docker EE for Windows Server.
https://docs.docker.com/network/network-tutorial-host/
I would suggest trying the -p option to docker run, since that is supported on Windows.
Alternately, one forum user suggests using VirtualBox in bridged mode to install Linux, which can then use host networking. YMMV.
Related
I have kubernetes cluster with 7 worker nodes running behind proxy. Deploying application on cluster and scaling application is consuming too much of internet bandwidth. Therefore I decided to deploy Docker Registry acting as pull through cache server. But deployments are not pulling images from the registry. What is the issue here?
Docker daemon.json
...
"registry-mirrors": [
"https://myregistry",
"https://myregistry:443"
]
Docker version
Client: Docker Engine - Community
Version: 20.10.5
API version: 1.40
Go version: go1.13.15
Git commit: 55c4c88
Built: Tue Mar 2 20:33:55 2021
OS/Arch: linux/amd64
Context: default
Experimental: true
Server: Docker Engine - Community
Engine:
Version: 19.03.14
API version: 1.40 (minimum version 1.12)
Go version: go1.13.15
Git commit: 5eb3275d40
Built: Tue Dec 1 19:19:17 2020
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: 1.4.3
GitCommit: 269548fa27e0089a8b8278fc4fc781d7f65a939b
runc:
Version: 1.0.0-rc92
GitCommit: ff819c7e9184c13b7c2607fe6c30ae19403a7aff
docker-init:
Version: 0.18.0
GitCommit: fec3683
Kubernetes version
Server Version: version.Info{Major:"1", Minor:"18", GitVersion:"v1.18.15", GitCommit:"73dd5c840662bb066a146d0871216333181f4b64", GitTreeState:"clean", BuildDate:"2021-01-13T13:14:05Z", GoVersion:"go1.13.15", Compiler:"gc", Platform:"linux/amd64"
Docker registry configuration
version: 0.1
log:
fields:
service: registry
storage:
cache:
blobdescriptor: inmemory
filesystem:
rootdirectory: /data
http:
addr: :5000
headers:
X-Content-Type-Options: [nosniff]
health:
storagedriver:
enabled: true
interval: 10s
threshold: 3
proxy:
remoteurl: https://index.docker.io/v1/
To access the Docker Registry, your Kubernetes cluster needs to be able to make an outbound connection to the registry. If your proxy server is blocking this connection, then the deployments will not be able to retrieve the images from the registry. You may need to configure your proxy server to allow outbound connections to the registry.
The API server is not able to access any of the services running inside of the Docker container. This could be due to a misconfiguration or a firewall blocking the connection. In order for the API server to access the services running inside the container, it needs to have access to the Docker daemon, which is responsible for managing the containers. In order to allow the API server to access the Docker services deployed registry on another host with docker-compose, you will need to configure the appropriate ports to be accessible from the API server. You will need to open port 2375 on the Docker host, which is the default port used by the Docker Remote API. Additionally, you will need to ensure that port 5000 is open on the Docker host, as this is the default port used by the Docker Registry. Once you have opened up the necessary ports, you should be able to access the Docker services deployed registry on the Docker host from the API server.
Set the imagePullPolicy to Never, otherwise Kubernetes will try to download the image.
Refer to this document for more information.
I'm trying to create an ECS context using Docker so that I can deploy to AWS using the Docker Compose CLI
docker context create ecs <my context name>
But am receiving the following error:
"docker context create" requires exactly 1 argument.
See 'docker context create --help'.
Usage: docker context create [OPTIONS] CONTEXT
Create a context
I've edited my /etc/docker/daemon.json to include
{
"experimental": true
}
My Docker Compose CLI is version 2.14.2 and both the Client and Server show experimental as true
Client:
Version: 20.10.22
API version: 1.41
Go version: go1.19.4
Git commit: 3a2c30b63a
Built: Tue Dec 20 20:43:40 2022
OS/Arch: linux/amd64
Context: default
Experimental: true
Server:
Engine:
Version: 20.10.22
API version: 1.41 (minimum version 1.12)
Go version: go1.19.4
Git commit: 42c8b31499
Built: Tue Dec 20 20:42:46 2022
OS/Arch: linux/amd64
Experimental: true
containerd:
Version: v1.6.14
GitCommit: 9ba4b250366a5ddde94bb7c9d1def331423aa323.m
runc:
Version: 1.1.4
GitCommit: v1.1.4-0-g5fd4c4d1
docker-init:
Version: 0.19.0
GitCommit: de40ad0
This should be available in Docker since 19.03
https://docs.docker.com/cloud/ecs-integration/#install-the-docker-compose-cli-on-linux
So far I've only been able to create an ECS context by installing Docker with the experimental Arch package for Docker Desktop instead of Docker Compose Standalone. The weird thing is, Docker Desktop's Docker Compose version is only 2.13.
This also might be related to this question:
docker context create ecs myecs - requires exactly one argument
According to official Docker's doc, Docker will create DNS server when it started which makes it able to query other container directly by container ID or name.
containers that use a custom network use Docker’s embedded DNS server, which forwards external DNS lookups to the DNS servers configured on the host.
But when I trying to use nslookup directly in container it failed to lookup but wget still success! What makes it different?
Reproduce steps:
docker network create my-net
docker run -d --name web --network my-net httpd
docker run -it --rm --network my-net busybox
after inside busybox:
$ wget -q -O - web
<html>...some content...</html>
It works great! but use nslookup will failed:
$ nslookup web
Server: 127.0.0.11
Address: 127.0.0.11:53
Non-authoritative answer:
*** Can't find web: No answer
This is my docker's version:
$ docker version
Client: Docker Engine - Community
Version: 20.10.21
API version: 1.41
Go version: go1.19.2
Git commit: baeda1f82a
Built: Tue Oct 25 17:53:02 2022
OS/Arch: darwin/amd64
Context: colima
Experimental: true
Server:
Engine:
Version: 20.10.18
API version: 1.41 (minimum version 1.12)
Go version: go1.18.6
Git commit: e42327a6d3c55ceda3bd5475be7aae6036d02db3
Built: Sun Sep 11 07:10:00 2022
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: v1.6.8
GitCommit: 9cd3357b7fd7218e4aec3eae239db1f68a5a6ec6
runc:
Version: 1.1.4
GitCommit: 5fd4c4d144137e991c4acebb2146ab1483a97925
docker-init:
Version: 0.19.0
GitCommit:
While reproducing your issue I noticed that nslookup failed for any query (e.g., nslookup google.com also failed. Afterwards, I tried spinning up an ubuntu container on the same network and there both wget and nslookup worked fine. I do not know the exact reason why this is so, but my guess is that wget and nslookup rely on some system functionalities which are different for busybox and for ubuntu.
I'm having some trouble trying to get metabase running on docker.
I've installed Docker for Windows 7 following this tutotial.
Here is the docker version:
Client:
Version: 18.03.0-ce
API version: 1.37
Go version: go1.9.4
Git commit: 0520e24302
Built: Fri Mar 23 08:31:36 2018
OS/Arch: windows/amd64
Experimental: false
Orchestrator: swarm
Server:
Engine:
Version: 18.05.0-ce
API version: 1.37 (minimum version 1.12)
Go version: go1.10.1
Git commit: f150324
Built: Wed May 9 22:20:42 2018
OS/Arch: linux/amd64
Experimental: false
Now when I try to get the metabase running on docker, using
docker run -d -p 3000:3000 --name metabase metabase/metabase
and using
docker logs -f metabase
I get the message after all the setup:
Metabase Initialization COMPLETE
The problem is when I try to access http://0.0.0.0:3000 I get a ERR_ADDRESS_INVALID. I looked for all the ports that are "LISTENING" using
netstat -aon | find /i "listening"
I don't see the 0.0.0.0:3000 listed there.
Docker ps returns:
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
6a283cf6b8d7 metabase/metabase "/app/run_metabase.sh" 4 hours ago Up 4 hours 0.0.0.0:3000->3000/tcp metabase
I'm not sure if this is a problem with metabase image or with docker itself.
Does anyone have an idea on what this could be?
This 0.0.0.0 is not a valid IP address, but a non-routable meta-address
Your application is reachable on your machines IP address / hostname on port 3000.
If you are unsure, what your hostname is, you can run in powershell;
hostname
And then access it using http://your_hostname:3000
Normally the IDE should tell me, that a port is already in use, if there is a docker container which forwards its port to the same port - for example 8080.
I am using Docker for Mac in version:
Client:
Version: 18.03.1-ce
API version: 1.37
Go version: go1.9.5
Git commit: 9ee9f40
Built: Thu Apr 26 07:13:02 2018
OS/Arch: darwin/amd64
Experimental: false
Orchestrator: swarm
Server:
Engine:
Version: 18.03.1-ce
API version: 1.37 (minimum version 1.12)
Go version: go1.9.5
Git commit: 9ee9f40
Built: Thu Apr 26 07:22:38 2018
OS/Arch: linux/amd64
Experimental: true
docker ps (summary):
CONTAINER ID IMAGE STATUS PORTS
<some-id> my-app Up 3 seconds 0.0.0.0:8080->8080/tcp
IDE in Debugging mode (Spring Boot App):
...Tomcat started on port(s): 8080 (http)
When I send a curl request the app from the container sends the response. I know that, because there is a break point in the IDE. When I stop the docker container, the request stops at the break point.
How can these two processes listen on the same port?