Accessing host network services from a third party docker container

Hi all

Newbie here and have the following requirement. Kindly help, if and when possible.

1. Have a Linux box with two netns namespaces, say ‘global’ and ‘protected’. The protected namespace hosts a service running at, say, http port 10000. I have a vEth interface connecting the two namespaces, having 192.168.1.2 on the ‘global’ side and 192.168.1.1 on the ‘protected’ side. The service is running at http://192.168.1.1:10000.

2. I have full control of the Linux box with root permissions etc., but I host a third-party docker image in the ‘global’ namespace (docker image creation etc. is not under our control) and need the docker instance (via bash/curl) to reach the service running inside the ‘protected’ namespace.

3. The docker container, before being run, is provided environment variables, and via those we tell the docker application of the presence of the service at 192.168.1.1:10000. Since I have control of the startup of the docker container as well as the host Linux environment, can docker run be provided options to ‘see’ the localhost network in some way? I have heard of the “--network” switch in the docker command but am not sure. Another option could be some form of brctl options, but I am not sure again, hence this query.

4. The caveat is that I cannot modify the docker image during build or packaging, as that is not under my control. Apart from that, I can try any other reasonable options.

Thoughts? Details of environment below.

Thanks in advance
SR

Client:
Version: 18.05.0-ce
API version: 1.37
Go version: go1.9.2

OS/Arch: linux/amd64
Experimental: false
Orchestrator: swarm

Server:
Engine:
Version: 18.05.0-ce
API version: 1.37 (minimum version 1.12)
Go version: go1.9.2

OS/Arch: linux/amd64
Experimental: false

Since you seem familiar with the network namespace technology: by default, every container Docker starts gets its own dedicated network namespace. Using the flag “--network host” will make the container use the same network namespace as Docker, so your “global” one.
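
The `--network host` approach from the reply above, as an added example that is not part of the thread: it prints (or, with `apply`, runs) the commands for the layout in the question and checks that the container's network namespace is the host's. The netns name `protected`, the veth names, the `SERVICE_URL` variable and the `IMAGE` placeholder are assumptions; the image is assumed to contain `curl` and `readlink` and to have no entrypoint.

```shell
#!/bin/sh
# Added example, not from the thread. Run it in the namespace where dockerd
# runs (the poster's "global"). Constructed names: netns "protected",
# veth-g/veth-p, SERVICE_URL, and the IMAGE placeholder.
SVC_IP=192.168.1.1
HOST_IP=192.168.1.2
SVC_PORT=10000
IMAGE=${IMAGE:-third-party/image:latest}

# Commands that rebuild the veth layout described in the question.
topology_cmds() {
  cat <<EOF
ip netns add protected
ip link add veth-g type veth peer name veth-p
ip link set veth-p netns protected
ip addr add $HOST_IP/24 dev veth-g
ip link set veth-g up
ip netns exec protected ip addr add $SVC_IP/24 dev veth-p
ip netns exec protected ip link set veth-p up
EOF
}

# docker run line: host networking plus the env var that tells the
# application where the service is. Arguments become the container command.
docker_cmd() {
  printf 'docker run --rm --network host -e SERVICE_URL=http://%s:%s %s %s\n' \
    "$SVC_IP" "$SVC_PORT" "$IMAGE" "$*"
}

# Namespace identity such as net:[4026531992]; equal values mean one namespace.
netns_id() { readlink "/proc/${1:-self}/ns/net"; }

case "${1:-plan}" in
  plan)   # default: print the commands, change nothing
    topology_cmds
    docker_cmd curl -fsS "http://$SVC_IP:$SVC_PORT/" ;;
  apply)  # needs root, a running dockerd, and the service listening
    topology_cmds | sh -e
    host_ns=$(netns_id self)
    ctr_ns=$(eval "$(docker_cmd readlink /proc/self/ns/net)")
    [ "$host_ns" = "$ctr_ns" ] && echo "container shares host netns $host_ns"
    eval "$(docker_cmd curl -fsS "http://$SVC_IP:$SVC_PORT/")" ;;
esac
```

With `--network host` the third-party container gets the host's whole network stack (every interface and every port bound on the host), not only the route over the veth pair.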

Open Oracle VM VirtualBox Manager.
Select the VM used by Docker.
Click Settings -> Network.
Adapter 1 should (default?) be “Attached to: NAT”
Click Advanced -> Port Forwarding.
Add rule: Protocol TCP, Host Port 8080, Guest Port 8080 (leave Host IP and Guest IP empty)
Guest is your docker container and Host is your machine.