Docker Community Forums

Share and learn in the Docker community.

Docker reverse proxy to a container with host networking

Hello all.

I’m generally pretty comfortable with Docker, but I need to do something that has me stumped.

I have a Traefik server running in a Docker container that listens on ports 80 and 443 of the host. I use this container to reverse proxy to a variety of other services all running in Docker containers as well.

Now, however, I am adding a new service that, for a variety of reasons, needs to run using host network mode. I want this service to be accessible via a subdomain on port 443. The service itself listens on port 8192 on the host. So what I need to do is simply set up a reverse proxy from myservice.mydomain.com to 0.0.0.0:8192 on the host.

I am not sure how to do this. How can I proxy traffic from with a non-host mode container (my Traefik reverse proxy) to a port on the host’s network stack? More generally, how can I write data to a port on the host from within a Docker container? Is this even possible?

Thanks for your help.

Ok so this actually ended up being fairly straightforward. The host machine is visible within the Docker container at the IP address assigned to the docker0 network interface. So all I had to do set up the reverse proxy was write the data to that IP address on port 8192 from within the container.

According to this thread, on macOS and Windows the host machine has a static hostname within the containers, but this doesn’t seem to exist on Linux hosts (peculiar).

Whetever you do, never ever use the container ip to communicate with a container. Never!

If your container uses the host network it shares the host’s namespace for networks - network-wise the container acts like a process directly run on the host. Since you alread use the host’s network, I hope the ip address you mention above is the host’s ip address and not the containers ip address…

Since you alread use the host’s network, I hope the ip address you mention above is the host’s ip address and not the containers ip address…

Yes this is the case. The IP address I’m using is taken from the result of running

ip addr show dev docker0

on the host. In my case, that is 172.17.0.1. This is the IP address of the host, not of any container.

Using the static ip of the interface for the docker0 bridge is a valid solution.
Though, you could have used any of the host’s interface ips, except localhost.