Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Dynamic listening ports inside Docker container

Tags:

linux

docker

iptables

I have an application which after making some connections using its default ports starts opening(listening) new RANDOM ports to handle just the existing connection and then drops them (Video calls).

It also exchanges its IP address and ports inside the communication protocol, I was able to solve the IP address issue, but still not able to find a way to dynamically tell IPTABLES of the host machine to open same ports when they are being opened inside Docker container, anybody has any ideas?

like image 384
Victor H. Avatar asked Feb 16 '16 06:02

Victor H.

People also ask

What port is Docker listening on?

The Docker client will default to connecting to unix:///var/run/docker.sock on Linux, and tcp://127.0.0.1:2376 on Windows. For example: tcp:// -> TCP connection to 127.0. 0.1 on either port 2376 when TLS encryption is on, or port 2375 when communication is in plain text.

Do Docker containers share ports?

By default, when you create or run a container using docker create or docker run , it does not publish any of its ports to the outside world. To make a port available to services outside of Docker, or to Docker containers which are not connected to the container's network, use the --publish or -p flag.

How do I change Docker listening port?

You can change the port mapping by directly editing the hostconfig. json file at /var/lib/docker/containers/[hash_of_the_container]/hostconfig. json or /var/snap/docker/common/var-lib-docker/containers/[hash_of_the_container]/hostconfig.

Can Docker run multiple ports?

Exposing multiple ports in the same service Your service exposes only a single port, but services can also support multiple ports. For example, if your pods listened on two ports—let's say 8080 for HTTP and 8443 for HTTPS—you could use a single service to forward both port 80 and 443 to the pod's ports 8080 and 8443.

1 Answers

The --net=host option, for the docker run command, should enables the behavior you are seeking -- note that it is considered as insecure, but I really don't see any other mean of doing this.

See the docker run man page:

   --net="bridge"
      Set the Network mode for the container
                                  'bridge': create a network stack on the default Docker bridge
                                  'none': no networking
                                  'container:<name|id>': reuse another container's network stack
                                  'host': use the Docker host network stack. Note: the host mode gives the container full access to local system services  such  as  D-bus
   and is therefore considered insecure.
                                  '<network-name>|<network-id>': connect to a user-defined network
like image 106
Auzias Avatar answered Oct 20 '22 17:10

Auzias
Sign in to Comment

Related questions

Linux/crossplatform API for timezone rules? (replace locking localtime_r)
ERROR: clGetPlatformIDs -1001 when running OpenCL code (Linux)
Understanding linux kernel and patches releases
Find command find directories that were created after a certain date under Linux/Cygwin
Is it possible to define a variable as static in shell bash function like C?
How can I link to an older version of a shared library
Virtually contiguous vs. physically contiguous memory
run a script when a new veth interface is added
Bash script optimization for waiting for a particular string in log files
How to get kobject from current module
perf stat for part of program
Creating temporary named fifo in *nix system
Linux Kernel Module/IOCTL: inappropriate ioctl for device
LLVM out of source pass build: Loadable modules not supported (on Linux)
How to add timestamp certificate to a signed PE file on Linux?
Can't connect Websocket when using vagrant envirionment
Simulate mouse motion on linux wayland
How to use a variable in find command?
saving gtk window position
why did wait4() get replaced by waitpid()

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!