Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How can I forward localhost port on my container to localhost on my host?

I have a daemon on my host running on some port (i.e. 8008) and my code normally interacts with the daemon by contacting localhost:8008 for instance.

I've now containerized my code but not yet the daemon. How can I forward the localhost:8008 on my container to localhost:8008 on the host running the container (and therefore the daemon as well).

The following is netstat -tlnp on my host. I'd like the container to forward localhost:2009 to localhost:2009 on the host

Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name             tcp        0      0 127.0.0.1:2009          0.0.0.0:*               LISTEN      22547/ssh        tcp6       0      0 :::22                   :::*                    LISTEN      -                tcp6       0      0 ::1:2009                :::*                    LISTEN      22547/ssh             
like image 702
Setheron Avatar asked May 07 '15 18:05

Setheron


People also ask

How do I expose a container port to localhost?

You can do this in the following ways: Add an EXPOSE instruction in the Dockerfile. Use the –expose flag at runtime to expose a port. Use the -p flag or -P flag in the Docker run string to publish a port.

How do I bind a container to localhost?

A simple solution to this in a Linux machine is to use the --network=”host” option along with the Docker run command. After that, the localhost (127.0. 0.1) in your Docker container will point to the host Linux machine. This runs a Docker container with the settings of the network set to host.

Can host port and container port be the same?

When using BRIDGE or USER mode networking, be sure to bind your application to the containerPort s you have specified in your portMapping s. However, if you have set containerPort to 0 then this will be the same as hostPort and you can use the $PORT environment variables.


2 Answers

So the way you need to think about this is that Docker containers have their own network stack (unless you explicitly tell it to share the host's stack with --net=host). This means ports need to be exposed both inside the docker container and also on the outside (documentation), when linked with host ports. The ports exposed on the container need to be bound to the host ports explicitly (with -p xxxx:yyyy in your docker run command) or implicitly (using EXPOSE in your Dockerfile and using -P on the command line), like it says here. If your Dockerfile does not contain EXPOSE 8008, or you do not specify --expose 8008 in your docker run command, your container can't talk to the outside world, even if you then use -p 8008:8008 in your docker run command!

So to get tcp/8008 on the host linked with tcp/8008 on the container, you need EXPOSE 8008 inside your Dockerfile (and then docker build your container) OR --expose 8008 in your docker run command. In addition, you need to either use -P to implicitly or -p 8008:8008 to explicitly link that exposed container port to the host port. An example docker run command to do this might look like:

docker run -it --expose 8008 -p 8008:8008 myContainer

It's handy to remember that in the -p 8008:8008 command line option, the order for this operation is -p HOST_PORT:CONTAINER_PORT. Also, don't forget that you won't be able to SSH into your container from another machine on the internet unless you also have this port unblocked in iptables on the host. I always end up forgetting about that and waste half an hour before I remember I forgot to iptables -A INPUT ... for that specific tcp port on the host machine. But you should be able to SSH from your host into the container without the iptables rule, since it uses loopback for local connections. Good luck!

like image 149
L0j1k Avatar answered Sep 20 '22 11:09

L0j1k


After checked the answers and did some investigation, I believe there are 2 ways of doing that and these 2 only work in Linux environment.

The first is in this post How to access host port from docker container

The second should be set your --network=host when you docker run or docker container create. In this case, your docker will use the same network interface you use in Mac.

However, both ways above cannot be used in Mac, so I think it is not possible to forward from the container to host in Mac environment. Correct me if I am wrong.

like image 36
StevenR Avatar answered Sep 21 '22 11:09

StevenR