connecting from docker container to docker host

Miller_A · April 29, 2022, 3:25pm

I have a setup where I run all parts of my website in docker containers. My nginx that listens on port 80 and 443 run in a container.

363292a98545        scivm/nginx-django-scivmcom:latest   /usr/bin/supervisord   12 days ago         Ghost               0.0.0.0:40001->22/tcp, 88.198.57.112:443->443/tcp, 88.198.57.112:80->80/tcp     lonely_feynmann

I want to set up a proxy to a service in another container. This container is bound to port 3000 on the host:

b38c8ef72d0a        mazzolino/strider-dind:latest        wrapdocker /usr/bin/   41 minutes ago      Up 41 minutes       0.0.0.0:3000->3000/tcp, 22/tcp, 27017/tcp                                       distracted_einstein

My iptables on the docker host look like this:

root@Ubuntu-1204-precise-64-minimal /var/run # iptables -L
Chain INPUT (policy ACCEPT) target     prot opt source               destination         
ACCEPT     all  --  anywhere             anywhere            
ACCEPT     all  --  anywhere             anywhere             ctstate RELATED,ESTABLISHED
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:ssh
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:http
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:https
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:8000
DROP       all  --  anywhere             anywhere            

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     all  --  anywhere             anywhere            
ACCEPT     all  --  anywhere             anywhere            
ACCEPT     all  --  anywhere             anywhere             ctstate RELATED,ESTABLISHED

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

From within the container, I am unable to connect to port 3000 on the host machine due to the iptables configuration.

I don't want to open port 3000 to the public internet.

Is there a way to open a direct bridge between the container and the host on port 3000?

Or should I modify my iptables to accept from the docker ip range?

Thomas_J · April 29, 2022, 3:29pm

All you need is Docker's link capabilities [deprecated]

Just get rid of all the complicated stuff you tried to do and start using named containers and then link them to each other.

Quinn · April 29, 2022, 3:34pm

Elias's answer is correct, but the link is long and confusing. Here's a simple summary:

First, run the container to link to, and name it:

sudo docker run -d --name db training/postgres

Then run the other container, linking it to the first container:

sudo docker run -d -P --name web --link db:db training/webapp python app.py

The link from the first container to the second container is put into /etc/hosts. So you can use it like a hostname. For example:

sudo docker run --name web --link db:db training/webapp ping db