A rede do tipo host trabalha diretamente com a interface de rede da máquina local.
Por exemplo, ao invés de criar um container e liga-lo à uma rede, pode-se criar o container com seu adaptador de rede e liga-lo à interface eth0 como se fosse a máquina local.
O container deixa de ter o isolamento a nível de rede e mantem o isolamento somente a nível de processo.
$ docker container ls -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
$ docker network ls
NETWORK ID NAME DRIVER SCOPE
131df83cc78a bridge bridge local
73f2d51a39de host host local
9198ba9fc6fd none null local
$ docker container run -d --network=host nginx
10ec7dc1b4bc53dc375499b3e1aa43ac983a87282d2b8840763cb7184c1a180c
O container não possui endereço IP pois não está ligado às interfaces de subrede docker ou outra rede, por exemplo. Ele está ligado à interface da rede local. O endereço IP do container será o endereço IP da máquina:
$ ip address
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:15:5d:d1:2f:c9 brd ff:ff:ff:ff:ff:ff
inet 192.168.43.217/20 brd 192.168.47.255 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::215:5dff:fed1:2fc9/64 scope link
valid_lft forever preferred_lft forever
3: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
link/ether 02:42:1a:26:92:ee brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:1aff:fe26:92ee/64 scope link
valid_lft forever preferred_lft forever
O NGINX estará sendo executado na sua porta padrão 80:
http://localhost:80
Porém, o container não pode ser executado novamente da maneira abaixo. Ocorre o erro abaixo demonstrado pois a porta já está em uso:
$ docker container run -d --network=host nginx
6324e50299790bb168f33544316031d4e8a30c7934f445fedb745fb9e864a2ec
$ docker container ls -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
6324e5029979 nginx "/docker-entrypoint.…" 5 seconds ago Exited (1) 2 seconds ago great_antonelli
10ec7dc1b4bc nginx "/docker-entrypoint.…" 5 minutes ago Up 5 minutes cool_benz
$ docker logs 6324e5029979
/docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration
/docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d/
/docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh
10-listen-on-ipv6-by-default.sh: info: Getting the checksum of /etc/nginx/conf.d/default.conf
10-listen-on-ipv6-by-default.sh: info: Enabled listen on IPv6 in /etc/nginx/conf.d/default.conf
/docker-entrypoint.sh: Sourcing /docker-entrypoint.d/15-local-resolvers.envsh
/docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh
/docker-entrypoint.sh: Launching /docker-entrypoint.d/30-tune-worker-processes.sh
/docker-entrypoint.sh: Configuration complete; ready for start up
2024/09/01 22:58:36 [emerg] 1#1: bind() to 0.0.0.0:80 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
2024/09/01 22:58:36 [emerg] 1#1: bind() to [::]:80 failed (98: Address already in use)
nginx: [emerg] bind() to [::]:80 failed (98: Address already in use)
2024/09/01 22:58:36 [notice] 1#1: try again to bind() after 500ms
2024/09/01 22:58:36 [emerg] 1#1: bind() to 0.0.0.0:80 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
2024/09/01 22:58:36 [emerg] 1#1: bind() to [::]:80 failed (98: Address already in use)
nginx: [emerg] bind() to [::]:80 failed (98: Address already in use)
2024/09/01 22:58:36 [notice] 1#1: try again to bind() after 500ms
2024/09/01 22:58:36 [emerg] 1#1: bind() to 0.0.0.0:80 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
2024/09/01 22:58:36 [emerg] 1#1: bind() to [::]:80 failed (98: Address already in use)
nginx: [emerg] bind() to [::]:80 failed (98: Address already in use)
2024/09/01 22:58:36 [notice] 1#1: try again to bind() after 500ms
2024/09/01 22:58:36 [emerg] 1#1: bind() to 0.0.0.0:80 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
2024/09/01 22:58:36 [emerg] 1#1: bind() to [::]:80 failed (98: Address already in use)
nginx: [emerg] bind() to [::]:80 failed (98: Address already in use)
2024/09/01 22:58:36 [notice] 1#1: try again to bind() after 500ms
2024/09/01 22:58:36 [emerg] 1#1: bind() to 0.0.0.0:80 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
2024/09/01 22:58:36 [emerg] 1#1: bind() to [::]:80 failed (98: Address already in use)
nginx: [emerg] bind() to [::]:80 failed (98: Address already in use)
2024/09/01 22:58:36 [notice] 1#1: try again to bind() after 500ms
2024/09/01 22:58:36 [emerg] 1#1: still could not bind()
nginx: [emerg] still could not bind()
Não é possível utilizar o portbind com este tipo de rede:
$ docker container run -d -p 8080:80 --network=host nginx
WARNING: Published ports are discarded when using host network mode
5fc9a1857440017b327466fde2ee568aac815af1922e710c0237ebb876423068
$ docker container ls -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
6324e5029979 nginx "/docker-entrypoint.…" About a minute ago Exited (1) About a minute ago great_antonelli
10ec7dc1b4bc nginx "/docker-entrypoint.…" 6 minutes ago Up 6 minutes cool_benz
