Use hosts public ip address in /etc/hosts for rootless containers

[asbachb]

Follow up to #8466

@mheon: Please open a bug about this - we should probably change over to the host's public IP for rootless containers.

root@d9e153cabee0:/# cat /etc/hosts 
127.0.0.1	localhost
127.0.1.1	vm-virtualbox

# The following lines are desirable for IPv6 capable hosts
::1     ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
# used by slirp4netns
10.0.2.100	d9e153cabee0 jolly_borg
10.0.2.2 host.containers.internal

But the container does not seem to be able to route to the host:

vm@vm-virtualbox:~$ python3 -m http.server 8000
Serving HTTP on 0.0.0.0 port 8000 (http://0.0.0.0:8000/) ...

root@d9e153cabee0:/# curl http://127.0.1.1:8000
curl: (7) Failed to connect to 127.0.1.1 port 8000: Connection refused
root@d9e153cabee0:/# curl http://10.0.2.2:8000
curl: (7) Failed to connect to 10.0.2.2 port 8000: Network is unreachable

[rhatdan]

I think the routing problem is a firewall problem.

[asbachb]

I think the routing problem is a firewall problem.

These pastes are from a vm without firewall.

[mheon]

@rhatdan Negative. The host.containers.internal entry is pointing to the internal slirp4netns address, which isn't really the host - you can't access any port opened on the host at that address, for example. I think that, given the intention of host.containers.internal to allow easy access to the host, we should point to a public IP on the host system.

[rhatdan]

The question is how do you discover the public IP of the host?

[Luap99]

Not the public IP. It should be the first non localhost ipv4 of all host interfaces IMO, e.g the same way you did this in buildah.
For bridge networking we can use the bridge gatway.

[mheon]

Approach from @Luap99 seems correct

[github-actions]

A friendly reminder that this issue had no activity for 30 days.

[github-actions]

A friendly reminder that this issue had no activity for 30 days.