I’m new to Docker, so the following is pretty easy for anyone to verify.
I want to run Nagios from inside a container. This can be done with:
docker run -d -p 25:25 -p 80:80 quantumobject/docker-nagios:latest
Almost everything works. The exception is this (from inside the container):
/usr/local/nagios/libexec/check_dhcp
Which will fail:
CRITICAL: No DHCPOFFERs were received.
If I run check_dhcp outside the container, on the host, it works. I get:
OK: Received 1 DHCPOFFER(s), max lease time = 86400 sec.
I suppose I need to make UDP ports 67 and 68 available to the container, so running:
docker run -d --expose 67 --expose 68 -p 67:67/udp -p 68:68/udp -p 25:25/tcp -p 80:80/tcp quantumobject/docker-nagios:latest
Gives me this error:
Error starting userland proxy: listen udp 0.0.0.0:68: bind: address already in use
Caused by dhclient on the host. But many processes can listen to the same ports, so I do this:
docker run -d --expose 67 --expose 68 -p 6700:67/udp -p 6800:68/udp -p 25:25/tcp -p 80:80/tcp quantumobject/docker-nagios:latest
Which runs. And then I add these iptables rules … admittedly just a guess:
iptables -A FORWARD -i eth0 -o docker0 -p udp -m udp --sport 68 --dport 6800 -j ACCEPT
iptables -A FORWARD -i docker0 -o eth0 -p udp -m udp --sport 6800 --dport 68 -j ACCEPT
iptables -A FORWARD -i eth0 -o docker0 -p udp -m udp --sport 67 --dport 6700 -j ACCEPT
iptables -A FORWARD -i docker0 -o eth0 -p udp -m udp --sport 6700 --dport 67 -j ACCEPT
The behavior hasn’t changed. check_dhcp works on the host, but fails inside the container.
Please help a newbie. What’s the correct approach here?
[running ubuntu15x10 4.2.0-16-generic, and Docker version 1.6.2, build 7c8fca2]