Way to connect to host's external interface from container in user network

Please help; perhaps I am missing something trivial here.
I have two containers running:
A) running in the user network
B) running on the host network (`--network host`) and listening on external interfaces on the server

I see no way how to connect from A to B with the following constraints:

  1. I can’t put container A into the host and a user-defined network together to set up a link
  2. I can’t change the network setup

Container A has no idea where it wants to connect to (it uses a DNS name which resolves to the same-host external IP). The problem doesn’t exist for two different hosts.

Any ideas?

Though, aren’t the DNS entries per network? So if Container A is in a custom network, but Container B is not, how is it supposed to leverage the network’s DNS for a network device not being present in the network?

Container A can address the docker host’s hostname/ip and Container B’s port to access the service in Container B. Container B could use localhost:{published port of Container A} to access services in Container A.

What prevents you from using a bridged network for Container B?
The long syntax to publish ports even allows you to directly bind a host port (though, not sure if this is only available for overlay networks), instead of binding a host port to a container port.

No, DNS entries are not per network; we are talking about the global DNS (not container-managed DNS).

Container B should be accessible not only from container A, but also from other sources.
Also, as a requirement: B should be bound to the host network (since it needs access to a physical interface to bind to, that’s a requirement).

We can simplify the description and assume that there is no container B, just a service running on the host itself (without Docker) and listening only on the external interface (not docker0).
If you want to run a container on the same host, there is no way to connect to that service, but for the rest of the world there is a very straight and simple one. Looks like a logical issue to me.

If the context is container-to-container communication, why would you even consider that I would refer to anything other than a Docker-network-managed DNS?!

Honestly: I still have no idea what your problem is.
Your requirement and simplicity approach doesn’t help either, as a container running in `--network=host` runs in the network namespace of the host and therefore has network-wise identical behavior to any native process on the host.

I don’t get the point you are trying to make; please rephrase.