Rootless, bridge network and reaching a host service from a container #23776
The If you want this entry to work automatically you will need to have a second host ip or switch the ip pasta uses via And the latest pasta version has a new version where we can map any ip to the host so we can fix this properly in podman by v5.3 hopefully #19213, containers/common#2136
May I know how to set this when the host is Windows WSL2? Many thanks!
Update: for podman 5.3 we will use the pasta --map-guest-addr option by default and use that for host.containers.internal, so it should work without any config changes.
Hi,
I am struggling with the following:
I have a compose file with a bunch of services (Kafka, Mongo, etc) and running on a custom bridge network I created manually (let's call it my-bridge).
I then have a docker file that builds and runs a Java webapp (my-service-a) on my-bridge:
my-service-a needs to be able to communicate with those compose services (hence on the same network), e.g. consume Kafka messages.
my-service-a also exposes a REST API (which I consume from my host's browser or postman at localhost:8090). Some operations of this API cause my-service-a to perform REST calls to another app (my-service-b), which is running on my host instead, as a plain old JVM app.
my-service-a uses host name host.docker.internal in its configuration to indicate the host of my-service-b, so that it relies on name resolution and doesn't need to know a fixed IP address.
I'm quite sure that this used to work fine until very recently, so I dunno if my distro changed something, but the bottom line is, now this doesn't work anymore.
When starting my-service-a, I get this:
Error: failed to create new hosts file: unable to replace "host-gateway" of host entry "host.docker.internal:host-gateway": host containers internal IP address is empty
So I did some searching and stumbled upon some Issues in this project (e.g. #22653). I tried to apply the first recommendation mentioned here, to no avail.
I created ~/.config/containers/containers.conf with the following (how can I be sure this change is effective?):
Next, I have started my-service-a again, this time without the extra host (is this ok?):
docker run -p 8090:8080 --name=my-service-a --replace --net=my-bridge_default -d org.me/my-service-a
And I have changed my-service-a's app configuration so that instead of looking for my-service-b at host.docker.internal, it uses host.containers.internal (here also, is this ok?)
Now my-service-a starts just fine, but is unable to resolve host.containers.internal, therefore it's not forwarding calls to my-service-b:
Caused by: io.netty.resolver.dns.DnsResolveContext$SearchDomainUnknownHostException: Failed to resolve 'host.containers.internal' [A(1)] and search domain query for configured domains failed as well: [dns.podman]
What am I doing wrong?
Thanks
P.S. I have noticed that netavark-dhcp-proxy.socket/service were not running, so I enabled those via systemd, so that they start on every boot. Not sure it's correct/needed.
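One way to check whether a container actually received a usable entry for the host names discussed in this thread (an added example, not part of the original posts and not podman's own code): it parses the text of a container's /etc/hosts and reports, for each name, the mapped address, a loopback mapping (which inside the container points back at the container itself), or a missing entry. The function names, the sample hosts content and the `alpine` image in the comment are assumptions made for illustration.

```shell
#!/bin/sh
# Added example; helper names and sample data are hypothetical/constructed.

# hosts_lookup NAME: read hosts-file text on stdin, print the first address
# that lists NAME, and return 1 if no line does.
hosts_lookup() {
    awk -v name="$1" '
        { sub(/#.*/, "") }                 # strip comments; fields are re-split
        { for (i = 2; i <= NF; i++)        # field 1 is the address, the rest are names
              if ($i == name) { print $1; found = 1; exit } }
        END { exit !found }
    '
}

# report_host_names HOSTS_TEXT: one line per name from this thread:
#   "<name> <addr> OK", "<name> <addr> LOOPBACK" or "<name> MISSING".
report_host_names() {
    for n in host.containers.internal host.docker.internal; do
        if addr=$(printf '%s\n' "$1" | hosts_lookup "$n"); then
            case $addr in
                127.*|::1) echo "$n $addr LOOPBACK" ;;  # resolves to the container, not the host
                *)         echo "$n $addr OK" ;;
            esac
        else
            echo "$n MISSING"
        fi
    done
}

# Constructed sample of what a container's /etc/hosts could contain.
SAMPLE_HOSTS='127.0.0.1 localhost
10.89.0.5 my-service-a   # constructed container address
192.168.1.20 host.containers.internal host.docker.internal'

report_host_names "$SAMPLE_HOSTS"

# Against a live container on the network from the post (image name assumed):
#   report_host_names "$(podman run --rm --net=my-bridge_default alpine cat /etc/hosts)"
```

A MISSING result matches the resolution failure quoted in the post: the application falls through to DNS because no hosts entry was written for the name.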