Rede Host na prática

A rede do tipo host trabalha diretamente com a interface de rede da máquina local.

Por exemplo, ao invés de criar um container e liga-lo à uma rede, pode-se criar o container com seu adaptador de rede e liga-lo à interface eth0 como se fosse a máquina local.

O container deixa de ter o isolamento a nível de rede e mantem o isolamento somente a nível de processo.

$ docker container ls -a
CONTAINER ID   IMAGE     COMMAND   CREATED   STATUS    PORTS     NAMES
$ docker network ls
NETWORK ID     NAME      DRIVER    SCOPE
131df83cc78a   bridge    bridge    local
73f2d51a39de   host      host      local
9198ba9fc6fd   none      null      local

$ docker container run -d --network=host nginx
10ec7dc1b4bc53dc375499b3e1aa43ac983a87282d2b8840763cb7184c1a180c

O container não possui endereço IP pois não está ligado às interfaces de subrede docker ou outra rede, por exemplo. Ele está ligado à interface da rede local. O endereço IP do container será o endereço IP da máquina:

$ docker container inspect 10ec7dc1b4bc53dc375499b3e1aa43ac983a87282d2b8840763cb7184c1a180c | grep -Ei "IPAddress"
            "SecondaryIPAddresses": null,
            "IPAddress": "",
                    "IPAddress": "",

Também não foi criada nenhuma interface de rede:

$ ip address
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 00:15:5d:d1:2f:c9 brd ff:ff:ff:ff:ff:ff
    inet 192.168.43.217/20 brd 192.168.47.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::215:5dff:fed1:2fc9/64 scope link
       valid_lft forever preferred_lft forever
3: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
    link/ether 02:42:1a:26:92:ee brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
       valid_lft forever preferred_lft forever
    inet6 fe80::42:1aff:fe26:92ee/64 scope link
       valid_lft forever preferred_lft forever

O NGINX estará sendo executado na sua porta padrão 80:

http://localhost:80

Porém, o container não pode ser executado novamente da maneira abaixo. Ocorre o erro abaixo demonstrado pois a porta já está em uso:

$ docker container run -d --network=host nginx
6324e50299790bb168f33544316031d4e8a30c7934f445fedb745fb9e864a2ec
$ docker container ls -a
CONTAINER ID   IMAGE     COMMAND                  CREATED         STATUS                     PORTS     NAMES
6324e5029979   nginx     "/docker-entrypoint.…"   5 seconds ago   Exited (1) 2 seconds ago             great_antonelli
10ec7dc1b4bc   nginx     "/docker-entrypoint.…"   5 minutes ago   Up 5 minutes                         cool_benz
$ docker logs 6324e5029979
/docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration
/docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d/
/docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh
10-listen-on-ipv6-by-default.sh: info: Getting the checksum of /etc/nginx/conf.d/default.conf
10-listen-on-ipv6-by-default.sh: info: Enabled listen on IPv6 in /etc/nginx/conf.d/default.conf
/docker-entrypoint.sh: Sourcing /docker-entrypoint.d/15-local-resolvers.envsh
/docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh
/docker-entrypoint.sh: Launching /docker-entrypoint.d/30-tune-worker-processes.sh
/docker-entrypoint.sh: Configuration complete; ready for start up
2024/09/01 22:58:36 [emerg] 1#1: bind() to 0.0.0.0:80 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
2024/09/01 22:58:36 [emerg] 1#1: bind() to [::]:80 failed (98: Address already in use)
nginx: [emerg] bind() to [::]:80 failed (98: Address already in use)
2024/09/01 22:58:36 [notice] 1#1: try again to bind() after 500ms
2024/09/01 22:58:36 [emerg] 1#1: bind() to 0.0.0.0:80 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
2024/09/01 22:58:36 [emerg] 1#1: bind() to [::]:80 failed (98: Address already in use)
nginx: [emerg] bind() to [::]:80 failed (98: Address already in use)
2024/09/01 22:58:36 [notice] 1#1: try again to bind() after 500ms
2024/09/01 22:58:36 [emerg] 1#1: bind() to 0.0.0.0:80 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
2024/09/01 22:58:36 [emerg] 1#1: bind() to [::]:80 failed (98: Address already in use)
nginx: [emerg] bind() to [::]:80 failed (98: Address already in use)
2024/09/01 22:58:36 [notice] 1#1: try again to bind() after 500ms
2024/09/01 22:58:36 [emerg] 1#1: bind() to 0.0.0.0:80 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
2024/09/01 22:58:36 [emerg] 1#1: bind() to [::]:80 failed (98: Address already in use)
nginx: [emerg] bind() to [::]:80 failed (98: Address already in use)
2024/09/01 22:58:36 [notice] 1#1: try again to bind() after 500ms
2024/09/01 22:58:36 [emerg] 1#1: bind() to 0.0.0.0:80 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
2024/09/01 22:58:36 [emerg] 1#1: bind() to [::]:80 failed (98: Address already in use)
nginx: [emerg] bind() to [::]:80 failed (98: Address already in use)
2024/09/01 22:58:36 [notice] 1#1: try again to bind() after 500ms
2024/09/01 22:58:36 [emerg] 1#1: still could not bind()
nginx: [emerg] still could not bind()

Não é possível utilizar o portbind com este tipo de rede:

$ docker container run -d -p 8080:80 --network=host nginx
WARNING: Published ports are discarded when using host network mode
5fc9a1857440017b327466fde2ee568aac815af1922e710c0237ebb876423068
$ docker container ls -a
CONTAINER ID   IMAGE     COMMAND                  CREATED              STATUS                          PORTS     NAMES
6324e5029979   nginx     "/docker-entrypoint.…"   About a minute ago   Exited (1) About a minute ago             great_antonelli
10ec7dc1b4bc   nginx     "/docker-entrypoint.…"   6 minutes ago        Up 6 minutes                              cool_benz

PreviousComo funciona a rede bridge por dentro NextRede none da prática

Last updated 1 year ago