I am troubleshooting a solution in which I am setting up a HA cluster. Although I know the ports needed for the application to perform failover and failback, somehow the dockerized solution is not working. I suspect that there are some ports that I do not know about yet.
Currently, my EXPOSE statement says:
EXPOSE 8080 61616 5672 61613 5445 1883
I also start my docker containers with
docker run --network host -p 8080:8080 -p 61616:61616 -p 5672:5672 -p 61613:61613 -p 5445:5445 -p 1883:1883
But for the sake of troubleshooting, I want to expose ALL ports.
I tried something like:
EXPOSE 1-65535
But this gives an ERROR.
What is the best way I can expose ALL ports of the docker container?
When running using --network host there is no need to map the ports. All the docker container ports will be available since the network host mode makes the container use the host's network stack.
Also the EXPOSE 8080 61616 5672 61613 5445 1883 is not needed. This instruction doesn't do anything. It is just a way to document which ports need to be mapped.
In short, running docker run --network host ... will expose all the container ports.
The host networking driver only works on Linux hosts, and is not supported on Docker Desktop for Mac, Docker Desktop for Windows, or Docker EE for Windows Server.
More information on the Docker documentation portal.
Using host networking will expose almost all the ports just like you're running the application in the host machine. If port flags are used when running in host networking mode, those flags are ignored with a warning
Note: Given that the container does not have its own IP-address when using host mode networking, port-mapping does not take effect, and the -p, --publish, -P, and --publish-all option are ignored, producing a warning instead:
WARNING: Published ports are discarded when using host network mode
Make sure your host is a Linux host because host networking is only supported by Linux hosts.
The host networking driver only works on Linux hosts, and is not supported on Docker Desktop for Mac, Docker Desktop for Windows, or Docker EE for Windows Server.
This is mentioned in Docker documentation it self. View particular Documentation
Related
I am trying to run the demonstration for docker, and host networking using:
docker run --rm -d --network host --name my_nginx nginx
When inspecting the running container using Docker Desktop, it show port 80 as not bound. Also, when navigating to http://localhost:80, I am not able to see the default nginx welcome. I am only able to see any application when I manually bind ports to the host machine; i.e -p 80:80. I did give myself a custom local IP address and DNS options (Windows 10). Do I need to modify my hosts file on my system?
I run docker container docker run -it --network host ubuntu:latest bash, but when I start there some server(on port 3000 for example), i can not open it from the main os.
How can I start the container (without describing expose or publish port) for up there some servers on different ports dynamicaly, and i want that ports will be available from the outer. I want to create container once, and keep there all changes, and back there via command docker start ..., docker exec ...
Visit this link to your solution
Here's Docker networking in the section The Host Driver
You will find the following abstract
As the name suggests, host drivers use the networking provided by the host machine. And it removes network isolation between the container and the host machine where Docker is running. For example, If you run a container that binds to port 80 and uses host networking, the container’s application is available on port 80 on the host’s IP address. You can use the host network if you don’t want to rely on Docker’s networking but instead rely on the host machine networking.
One limitation with the host driver is that it doesn’t work on Docker desktop: you need a Linux host to use it. This article focuses on Docker desktop, but I’ll show you the commands required to work with the Linux host.
The following command will start an Ubuntu image and listen to port 80 on the host machine:
docker run -it --network host ubuntu:latest /bin/bash
I am trying to connect and run a device (LiDAR) through Docker container since it needs Ubuntu 16 while my computer is Ubunutu 20.
I got the device to ping inside the docker container, but it is not recognised when I try to use it.
What I did:
Made Dockerfile with requirements (Added EXPOSE to expose all ports)
Built docker image using:
docker build -t testLidar
I then made a container using
docker run -d -P --name test_Lidar (imagename)
Then
docker exec -t test_Lidar (device_ip) works
I am able to ping my LiDAR IP inside the container, but when I do ip a I cannot see the interfaces connected to my machine.
Been stuck on this for 3 days, any suggestions?
Note: I have done the exact same steps but on an Ubuntu 16 machine. The only change was the docker run command had --net host instead of -P tag and my device worked perfectly. I feel like this is the root of my problem.
Use --net host flag with docker run to attach the container to your host's networking stack and make it available in for other hosts in your network.
When you use --net host, you actually attach the container to your host's networking stack. By default, containers are attached to the default network of type bridge and can communicate with each other. You can then reach them only from your host using its ip addresses typically in subnet 172.17.0.0/16.
Using -P actually binds exposed ports from a container with randomly selected free ports on your host. It should be used for exposing network services (eg. web server with port 80), but not for ICMP ping.
I have a CentOS docker container on a CentOS docker host. When I use this command to run the docker image docker run -d --net=host -p 8777:8777 ceilometer:1.x the docker container get host's IP but doesn't have ports assigned to it.
If I run the same command without "--net=host" docker run -d -p 8777:8777 ceilometer:1.x docker exposes the ports but with a different IP. The docker version is 1.10.1. I want the docker container to have the same IP as the host with ports exposed. I also have mentioned in the Dockerfile the instruction EXPOSE 8777 but with no use when "--net=host" is mentioned in the docker run command.
I was confused by this answer. Apparently my docker image should be reachable on port 8080. But it wasn't. Then I read
https://docs.docker.com/network/host/
To quote
The host networking driver only works on Linux hosts, and is not supported on Docker for Mac, Docker for Windows, or Docker EE for Windows Server.
That's rather annoying as I'm on a Mac. The docker command should report an error rather than let me think it was meant to work.
Discussion on why it does not report an error
https://github.com/docker/for-mac/issues/2716
Not sure I'm convinced.
The docker version is 1.10.1. I want the docker container to have same ip as the host with ports exposed.
When you use --net=host it tells the container to use the hosts networking stack. So you can't expose ports to the host, because it is the host (as far as the network stack is concerned).
docker inspect might not show the expose ports, but if you have an application listening on a port, it will be available as if it were running on the host.
On Linux, I have always used --net=host when myapp needed to connect to an another docker container hosting PostgreSQL.
myapp reads an environment variable DATABASE in this example
Like Shane mentions this does not work on MacOS or Windows...
docker run -d -p 127.0.0.1:5432:5432 postgres:latest
So my app can't connect to my other other docker container:
docker run -e DATABASE=127.0.0.1:5432 --net=host myapp
To work around this, you can use host.docker.internal instead of 127.0.0.1 to resolve your hosts IP address.
Therefore, this works
docker run -e DATABASE=host.docker.internal:5432 -d myapp
Hope this saves someone time!
I understand that to expose ports in a docker container, you can use the -p flag (e.g. -p 1-100:1-100). But is there a nice way to expose a large percentage of possible ports from the container to the host machine? For instance if I am running a router of sorts in a container that lives in a VM, and I would like to expose all ports in the container from 32768 upwards to 65535, is there a nice way to do this? As it stands I've tried using the -p flag and it complains about memory allocation errors.
Nvm. I figured out my misunderstanding. -P is what I want, and I want to expose and not explicitly map ports.
tl;dr
docker run --net=host ...
Docker offers different networking modes for containers. By default the networking mode is bridge which implies the need to expose ports.
If you run a container with networking mode host then you won't need to expose/forward ports as both the docker host and the container will share the very same network interface.
In the container, localhost will refer to the docker host. Any port opened in the container is in fact opened on the docker host network interface.