-
Notifications
You must be signed in to change notification settings - Fork 121
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
network_mode: "host" probably not working as expected #1031
Comments
Unfortunately Docker for Desktop doesn't currently support the "host" network_mode where containers are able to freely bind host ports without being managed by docker. Instead, ports must be explicitly whitelisted in the I notice that you have white-listed port 5432 in your network_mode: "bridge" then port
I believe "bridge" mode is actually the default so you could delete the In the longer term we're still considering what it would take to make |
There are plenty more issues related to net=host not working the way it does on linux, like #155 (which has the most useful information on it) and maybe #68 and #57 If this is going to be where this issue is consolidated, please also take note of this thread that sounded like it might contain a workable solution but hasn't been commented on either way by someone from docker as far as I know. As far as use cases, I use docker to run an application that (1) scans the local network looking for other devices and needs to see their mac addresses, and (2) dynamically binds to a local port that will later be used by other hosts to contact it. Both of these things work fine on linux with --net=host, and don't work as expected on a mac. Apologies in advance if I'm conflating things that you guys see as distinct issues, but it would definitely help if someone from docker could provide some guidance on whether it's realistic to hope that --net=host will ever work the same way it does on linux. Thanks. |
I'll add our current use case that is failing right now: We have nginx acting as a reverse proxy for our other services. Each service and nginx are all in separate containers. We run our services in Swarm mode with 1.13 (using docker compose v3), and then using another compose file, run nginx, which is supposed to communicate with each service. We could add nginx to the swarm or use container linking, but then we have to change our nginx config in production vs local dev because we run nginx directly on hosts in production. I did get that working with a The idea was that we could run nginx in I am open to workarounds or other ideas, but host mode would make this a lot easier :) |
It appears it is possible for a standard xhyve install is able to allow access to the xhyve VM from the outside as indicated by the blog post at http://mifo.sk/post/xhyve-for-development I think this would be the first step to properly supporting --net=host in Docker for Mac Can someone from the Docker team investigate this? |
ERROR: The Compose file './docker-compose.yml' is invalid because: |
I'd just like to add my use-case as it's pretty frustrating. I have a media server setup on my system where I host about five different services to support my media server setup (Jackett, Plex, Radarr, Sonarr, Transmission) and I only ever need to run all or none of these, and I'd like the individual applications to be isolated from the host (so this is a perfect use case for docker-compose). Two of the five services have it recommended that you bind the services directly to the "host". Also, unlike on linux, Plex will show the following on Mac OS X after having to manually bind the 2 TCP ports and 4 UDP ports: And is not at all fun to use in this mode (with the incorrect hostname and an "indirect" connection). |
It would also be very useful for e.g. having |
Are there any news on this? Do you think that this issue will be addressed anytime soon? |
I would like to connect to my local mongodb on the host machine from inside my container, since mongodb cannot be mirrored inside a container using mapped volumes, and I would like to continue working with the same db when developing locally or containerized. Also, in prod we are using a managed service of mongodb and not a local mongo container.
Docker version 18.03.0-ce, build 0520e24 I was hoping to use netowrk_mode: "host" in my docker-compose.yaml, however it doesn't seem to work. |
Ladies and Gents, I believe the jury is still out on the issue of supporting --net=Host. At this point, I wouldn't even recommend a workaround because too much of the information available is dated. However, developers, I found a Web-site, and a blog post at http://www.forum.synology.com., the post is dated January 15, 2017, 6:52 pm. The post is by an individual identified as 'mightbetrue'. Mightbetrue says, "Just wanted to say that Docker in DSM6 is able to handle NET=HOST using the checkbox at the bottom of the network-tab during the creation of a container". "The setting is not available for existing containers". There is no reason to tinker around in any .conf file anymore". I don't have an operating system for testing, so I advise everyone wanting to proceed, to proceed with caution! And Good-luck! |
DSM 6 us the Synology operating system, which is based on Linux. This thread is about Docker for Mac! |
I understand that there may be limitations for Docker on Mac. After all, it is still a free product, and I am grateful to the developers for such a great tool. However when a feature is not supported on one platform, PLEASE ISSUE A WARNING OR EVEN BETTER STOP WITH AN ERROR! I just spent a few hours trying to debug deployment of development stack that worked on Linux some time ago a tearing my hair out why things do not work. And as usually I first tried hard to find the bug in my own code. |
+1 |
Like many others, I followed the doco when attempting to get eclipse to talk to my local xquartz server on my mac and it doesn't work. Please also note that along my travels I found that unix sockets also aren't properly shared between container and host when mapped using run -v. |
Issues go stale after 90d of inactivity. Prevent issues from auto-closing with an If this issue is safe to close now please do so. Send feedback to Docker Community Slack channels #docker-for-mac or #docker-for-windows. |
Issues go stale after 90 days of inactivity. Prevent issues from auto-closing with an If this issue is safe to close now please do so. Send feedback to Docker Community Slack channels #docker-for-mac or #docker-for-windows. |
/lifecycle frozen |
What's the status on this task? I have a service running on my mac, and I need to connect to it from inside of container. |
This problem with Docker desktop Mac v 20+ downgrade to compile with network mode host. As it is required for ECS Farget. |
Docker Desktop: 3.3.3 (64133) Services inside containers do not bind to the host networks interface. |
I found a two solutions to my problem that worked. First in this Stackoverflow article. I hope this helps someone. entrypoint:
- "sh"
- "-c"
- |
echo "$$(getent hosts host.docker.internal | awk '{ print $$1 }') localhost.com" >> /etc/hosts;
cat /etc/hosts; Output from the entrypoint:
Second in the docs network section networks:
default:
aliases:
- localhost.com |
@vordimous and after adding the this two sections you were able to request the |
You still can't use the |
Thought to mention.. I had a similar issue, what I've done is created a separate
And pulled all |
I'd like to add another use case, albeit a niche one. I am trying to dockerize our dev environments as much as possible. One of those containers is a flutter container where we pass our commands. We are currently trying to start the app and connect to a local simulator (iOS Simulator to run the app), however the setup still is not working. With network host we could probably make flutter find the devices locally and work much easily. |
Would like to add a use case of mine that fits under this category. I am running pihole DNS within a container. Using a bridge network allows basic functionality. However, I'd like pihole to see hosts on my network so I can see per device stats and use per device blocking. |
I had issues when running the command on my m2 macbook air. [It turns out][1] that apparently docker desktop on macOS doesn't really support the host option. Additionally, it looks like I had to explicitly pass the port mapping options for the ports to be actually mapped. There might be a better and more efficient solution, but this is what I came up with and it finally worked. [1]:docker/for-mac#1031
I had issues when running the command on my m2 macbook air. [It turns out][1] that apparently docker desktop on macOS doesn't really support the host option. Additionally, it looks like I had to explicitly pass the port mapping options for the ports to be actually mapped. There might be a better and more efficient solution, but this is what I came up with and it finally worked. [1]:docker/for-mac#1031
I had issues when running the command on my m2 macbook air. [It turns out][1] that apparently docker desktop on macOS doesn't really support the host option. Additionally, it looks like I had to explicitly pass the port mapping options for the ports to be actually mapped. There might be a better and more efficient solution, but this is what I came up with and it finally worked. [1]:docker/for-mac#1031
Clarify docker command for macOS I had issues when running the command on my m2 macbook air. [It turns out][1] that apparently docker desktop on macOS doesn't really support the host option. Additionally, it looks like I had to explicitly pass the port mapping options for the ports to be actually mapped. There might be a better and more efficient solution, but this is what I came up with and it finally worked. [1]:docker/for-mac#1031
|
Host networking reached GA in Docker Desktop v4.34, and we removed the sign-in requirement in v4.35. So let me close this ticket. |
I'm trying to run from a
docker-compose.yml
the a service withnetwork_mode: "host"
but it doesn't seem to be working as expected in OS X.Having the
docker-compose.yml
:Expected behavior
Running
nmap -sT 127.0.0.1
should output:Actual behavior
Running
nmap -sT 127.0.0.1
doesn't show the expected port.The text was updated successfully, but these errors were encountered: