I have an application which, after making some connections using its default ports, starts opening (listening) new RANDOM ports to handle just the existing connection and then drops them (video calls).
It also exchanges its IP address and ports inside the communication protocol. I was able to solve the IP address issue, but I am still not able to find a way to dynamically tell IPTABLES of the host machine to open the same ports when they are being opened inside the Docker container. Does anybody have any ideas?
The Docker client will default to connecting to unix:///var/run/docker.sock on Linux, and tcp://127.0.0.1:2376 on Windows. For example: tcp:// -> TCP connection to 127.0.0.1 on either port 2376 when TLS encryption is on, or port 2375 when communication is in plain text.
By default, when you create or run a container using docker create or docker run, it does not publish any of its ports to the outside world. To make a port available to services outside of Docker, or to Docker containers which are not connected to the container's network, use the --publish or -p flag.
You can change the port mapping by directly editing the hostconfig.json file at /var/lib/docker/containers/[hash_of_the_container]/hostconfig.json or /var/snap/docker/common/var-lib-docker/containers/[hash_of_the_container]/hostconfig.
Exposing multiple ports in the same service: Your service exposes only a single port, but services can also support multiple ports. For example, if your pods listened on two ports (let's say 8080 for HTTP and 8443 for HTTPS), you could use a single service to forward both port 80 and 443 to the pod's ports 8080 and 8443.
The --net=host option, for the docker run command, should enable the behavior you are seeking -- note that it is considered insecure, but I really don't see any other means of doing this.
See the docker run man page:
--net="bridge"
Set the Network mode for the container
'bridge': create a network stack on the default Docker bridge
'none': no networking
'container:<name|id>': reuse another container's network stack
'host': use the Docker host network stack. Note: the host mode gives the container full access to local system services such as D-bus and is therefore considered insecure.
'<network-name>|<network-id>': connect to a user-defined network
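
To find which containers on a host run with the host network stack that the man page excerpt above calls insecure, or reuse another container's stack, this added example (not part of the original answer) audits docker inspect output. The sample data is constructed, and the function name and finding labels are assumptions chosen for illustration.

```python
# Constructed sample in the shape of `docker inspect` output (not real data).
SAMPLE = [
    {"Name": "/videocall-hostnet",
     "HostConfig": {"NetworkMode": "host", "PortBindings": {}}},
    {"Name": "/videocall-range",
     "HostConfig": {"NetworkMode": "bridge",
                    "PortBindings": {f"{p}/udp": [{"HostIp": "", "HostPort": str(p)}]
                                     for p in range(50000, 50200)}}},
    {"Name": "/sidecar",
     "HostConfig": {"NetworkMode": "container:videocall-hostnet",
                    "PortBindings": None}},
    {"Name": "/web",
     "HostConfig": {"NetworkMode": "bridge",
                    "PortBindings": {"8443/tcp": [{"HostIp": "127.0.0.1",
                                                   "HostPort": "8443"}]}}},
]

# An empty HostIp means the port is bound on every host interface.
ALL_INTERFACES = {"", "0.0.0.0", "::"}


def audit_network_exposure(containers):
    """Map container name -> list of findings about its network exposure."""
    report = {}
    for entry in containers:
        host_cfg = entry.get("HostConfig") or {}
        mode = host_cfg.get("NetworkMode") or ""
        findings = []
        if mode == "host":
            # No network namespace isolation: every listener in the
            # container is a listener on the host.
            findings.append("host-network")
        elif mode.startswith("container:"):
            # Inherits whatever exposure the referenced container has.
            findings.append("shared-netns:" + mode.split(":", 1)[1])
        bindings = host_cfg.get("PortBindings") or {}
        public = [port for port, binds in bindings.items()
                  if any(b.get("HostIp", "") in ALL_INTERFACES
                         for b in (binds or []))]
        if public:
            findings.append(f"published-all-interfaces:{len(public)}")
        report[entry.get("Name", "?").lstrip("/")] = findings
    return report


if __name__ == "__main__":
    for name, findings in audit_network_exposure(SAMPLE).items():
        print(name, findings or ["ok"])
```

On a real host, replace SAMPLE with the parsed JSON from docker inspect run over the container IDs to review.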