docker not exposing the port with network host

Question

I am trying to run a docker container listening on port 5555, the image is built with EXPOSE 5555 in Dockerfile and I am running the container as below

$ docker run -d --name controler -p 5555:5555  -v /var/run/docker.sock:/var/run/docker.sock --net=host  my_image:latest

The container starts fine but the ports are not exposed, running docker port returns an error message

$ docker port controler 5555
Error: No public port '5555/tcp' published for controler

If I run the container without --net=host , the ports are exposed and I can access the container.

Any idea or hints on what is really happening here is appreciated.

Note: I am using the latest docker for mac beta Version 1.12.0-beta21 (build: 11019) on my mac running el capitan

Answer 1

--net=host option

This option bind the virtual NIC of the container to the host physical NIC (by giving full access to local system services such as D-bus).

When this option is used every program that request a network socket will be granted one by the host from the physical NIC. Your service will then be using the 5555 port as expected.

-p 5555:5555 option

This option bind (through iptable-like mechanism) the network socket containter-ip:5555 to the network socket host-ip:5555.

---

In other words

It seems, IMHO, a bit illogical to use them both. If the needs is to publish the containerized service to the socket host-ip:5555 then the cleanest way is to only use the -p 5555:5555 option.