DooD Pitfalls: Port Mapping

In this post, we will continue with docker-outside-of-docker pitfalls. This time we will focus on port mapping with the -p flag to docker. When invoking a container with this flag using DooD, the end result may not be what you expect. I’ll show some examples with a nginx docker container.

Pitfall: Port Mapping

I’ll spin up a nginx from my local machine and map the nginx port to 8080.

I now have a nginx container running with 8080 opened on my localhost.

Stop the nginx container using docker stop on the container id (docker ps gives you the id)
Now let’s run that same command from our maven container that we spin up using DooD.

First, let’s start a maven continer:

Next, let’s start the nginx container from the maven container. You should be inside a bash shell on the maven container at this point:

Let’s view localhost:8080 in a browser.

Great, nginx is up and running. Now let’s try to access nginx from our maven container on localhost:8080. This maven image already has curl installed; I’ll use that to access nginx.

Looks like I cannot access nginx from inside the maven container. Why? Well, that’s because the port mapping that we used to spin up the nginx container using -p 8080:80 bound 8080 to docker’s host machine. Because we are using DooD, the host is not the maven container, but the host machine.

Resolution:

Host Network

There are a few ways to solve this. First, we could start up the maven container and tell it to uses the host network using the --network flag.

Now the maven container is running on the same network as the host. While inside the maven container, let’s access the nginx container that should still be running in detached mode using curl http://localhost:8080.

Nice. Now we can access localhost on the host machine. This works, but you may not want a container to run on the host network. Let’s exit out of this maven container and try another option.

User Defined Network

Stop the nginx container by doing a docker stop on the container id.

Next I will run our both the maven container and the nginx container on the same user defined network called demo. First, I’ll create the network.

Now I’ll run the maven container on that network.

Next, I will run the nginx container on that same network. This time, we are going to give the container a --name so we can access it using that name.

Because of the -p 8080:80 flag, nginx will still be accessible on localhost. It will not be accessible on localhost of the maven container, but I should be able to use the nginx container name from the maven container since they are on the same network. This time, I’ll use the command curl http://mynginx:80.

It works! Notice I did not use port 8080 in my curl command. This is because 8080 is only exposed on localhost. Because both containers are on the same network, I can access ports directly inside the nginx container.

Container Ip

Without adding a custom network, we still can access the nginx container from the maven container using the container’s IP address. I’ll get the ip address of our nginx container by inspecting it.

Now I can curl the container by ip and access the port in the container. Note: The containers are not required to be on a custom network for this work. They do, however, need to be on the same network even if it’s the default one.

Success!

All of these methods allow containers to talk with each other wether you are using DooD or not. Just remember if you are using DooD, then port mapping via the -p flag always binds to the host machine, not the container you are running in.

Leave a Reply

Your email address will not be published. Required fields are marked *