-
Notifications
You must be signed in to change notification settings - Fork 2.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support Docker's host.docker.internal:host-gateway special host #10878
Comments
Oh but
|
Ah just see this feature is only there since podman v3.2.0: #5651 and #9972 /cc @kermorgant However, … I still think it does not work as what I'd expect from Docker. |
From Podman 3.2.x and up, we're doing this automatically. A side effect of this is that we don't support the Docker CLI syntax. We could change to be more compatible by requiring their special invocation of |
Okay, good to know. So, however, the routing does not work as I commented in #10878 (comment) – or should I open a new issue for that? Say a HTTP server is running on port 1234 on the host… The disadvantage of using the hostname is that you then cannot use a firewall to block the ports from the outside, but all ports actually need to be accessible from the outside (in my example here port 1234). This is what I don't want. |
Root or rootless Podman? I would expect that this would work, but only as root |
Rootless. |
This sounds expected, then, given the limitations of the rootless network stack. The "host" in the rootless sense is not a pointer to an IP on the host, but to the internal slirp4netns IP where traffic from the host originates. Rootless does not have the privileges required to configure proper network bridges, so instead traffic is tunneled from the host into the container; a side effect of this is that communication from host to container is limited to only forwarded ports. There is an option to expose the host's localhost into the container, albeit there are security implications to doing so (applications binding to localhost on the assumption that it is not shared) |
Oh yeah |
Oh but doing |
I don't believe so, no - you still don't have a bridge between the host and container, so traffic can't be routed straight from host to container. |
|
I think this issue is fixed, reopen if I am mistaken, or open a new issue.
|
But |
Is this a BUG REPORT or FEATURE REQUEST? (leave only one on its own line)
/kind feature
Description
Docker has a feature since v20.10.0+ for Linux (at least according to Stackoverflow) here you can add a special host
--add-host=host.docker.internal:host-gateway
, which refers to the host system, so you can access their ports from a container.Now podman does not seem to support that this way, at least…
Steps to reproduce the issue:
Describe the results you received:
Well… it says
invalid IP address
, which makes it incompatible with Docker, I guess, at least as a drop-in solution. 😅Describe the results you expected:
Offer Docker compatibility here, i.e. it should also resolve to the hosts IP address?
Additional information you deem important (e.g. issue happens only occasionally):
Accidentally though, I've noticed you can use another domain and just do this
host.containers.internal
…However it has some differences…:
--add-hosts
, i.e. in Docker you could do--add-host=my-own-domain-name:host-gateway
. This is not possible in podman via this way…At least the obvious "polyfill"
--add-host host.docker.internal:host.containers.internal
does not work…Also, it seems podman always copies or mounts
/etc/hosts
from the host into the container (i.e. the part before# used by slirp4netns
), I wonder whether they is really done deliberately…BTW, yes my example uses
ping
,nslookup
always failed to solve the IP for whatever reason…Output of
podman version
:Also reproduced with:
Have you tested with the latest version of Podman and have you checked the Podman Troubleshooting Guide? (https://github.com/containers/podman/blob/master/troubleshooting.md)
Yes
Additional environment details (AWS, VirtualBox, physical, etc.):
Physical
Tested with Fedora CoreOS 34.20210611.3.0
And Fedora Workstation 34
The text was updated successfully, but these errors were encountered: