Docker Community Forums

Share and learn in the Docker community.

Exposing dynamically opened ports inside docker container

(Throwdown) #1

Assuming an application that dynamically opens UDP ports running inside docker container, how would one expose/bind such ports to the outside (host) ports?

This is perhaps same as the question raised here, but, the answer (using --net=host) limits the scalability of running multiple container instances exposing same ports to host.

Is there any way to configure one to one mapping of dynamically opened ports in containers with host?

e.g. port 45199/udp is opened inside container and is exposed to port 45199/udp on host?

(Micahzoltu) #2

I believe that answer is the best you are going to get. Depending on your use case, you could consider setting up a NAT inside your container that listens on a single port and then forwards to the app that is opening on random ports. However, I’m guessing that this won’t work since generally the reason you open many random ports is because you are running some kind of server that opens a separate listening port for each client.

The other option would be to open a large range of ports that are well defined. Then each container in your scaled out cluster could own a separate range. e.g., container-1 would open 10000-10999, container-2 would open 11000-11999, etc…The application would need to be setup to get its port range from environment variables (or other mechanism) and each container would need to be started with a different port range open (so your containerization infrastructure would get a bit more complicated.

In the above situation, you could actually have the application open the same set of ports inside every container, but expose them as different ranges outside the container. Assuming your app doesn’t need to know what ports are open externally, this would work nicely.