stackoom
  简体   繁体   中英

unable to connect to local dockerized devpi container for pip install in another container without "--net=host"

 原文  2020-01-20 10:13:18       docker/ networking/ docker-compose/ devpi

Question

I am running devpi in a docker container like so:

[Unit]
Description=devpi docker-container
Requires=docker.service
After=docker.service

[Service]
Restart=always
RestartSec=3
ExecStart=/usr/bin/docker run --rm -p 3141:3141 --name devpi -v /devpi_data:/data -e DEVPI_PASSWORD='********' akailash/docker-devpi
ExecStop=/usr/bin/docker stop -t 2 devpi

[Install]
WantedBy=multi-user.target

It runs fine. I can access it via URL on the host as well as install packages from it as expected.

6f663ba131a1        akailash/docker-devpi   "/docker-entrypoint.…"   3 hours ago         Up 3 hours          0.0.0.0:3141->3141/tcp   devpi

However, if I want to build another docker image installing packages from this container there is a ConnectTimeout. If I try a curl the connection times out after a while.

I can do a pip install if I use --net=host option as described in this issue . However, I don't want to have to use host networking. I have tried 0.0.0.0:3141 as well as 172.17.0.1:3141 and I have the same results. Adding --ip=0.0.0.0 in the docker daemon service doesn't work for me. How can I access the devpi container from another container without having to use --net=host every time?

2 answers

solution1
 0  2020-01-20 12:22:42

If you don't want to use the --net=host then you need to open the ports on the machine that is running devpi to allow external clients to connect and use it.

The point is that, when you set the host network to docker it takes their own IP address and then it can bind as many ports you need on that IP address, but if you are not using it your computer is acting as a router for the container and applying a NAT to allow access the internet for outgoing traffic but denying incoming traffic.

Because of that if you don't want to use the host network you have to modify the firewall to add a destination NAT rule and allow the traffic to reach the service.

You have some good examples on how to allow ports on iptables here

solution2
 0 ACCPTED  2020-04-01 04:22:21

Since I need access to devpi only which building the docker images required in my docker-compose file, I used the host networking within the build context:

build:
  network: host
  context: .
  dockerfile: Dockerfile.local

This helps access devpi correctly.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question .NET 6 Docker container running on CentOS host throws a "Resource temporarily unavailable" when trying to connect to a dockerized postgres container Docker container is unable to connect to another container through host ip/domain unable to connect to dockerized mysql container locally pip install fails in Docker container: No route to host Connect to rabbitmq on local host from a Docker container How to connect docker container from local host? Docker: Unable to connect to container from host Unable to connect to host from docker container Easiest way to connect Docker container to local host Unable to connect to Docker container from host
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM