Published on

The rabbit hole called docker networking

Authors

Situation

I run a native version of nginx on my server, on it i have docker installed, and a mix of manually set up letsencrypt certificates and virtual hosts.

For running this website, i thought of modernizing that a bit by dockerizing it. No sooner said than done i created a docker version of my website, created a proxy rule in nginx and with high hopes i reloaded the nginx configuration by running nginx -s reload.

After looking at a spinner, and performing some hard refreshes i still got nothing but timeouts and eventually an error page.

So i started digging in, my approach is written down in the next paragraph(s)

Path to the solution

  • Started with the logs, which unfortunately told me nothing
  • Changed the proxy pass rule to use the docker0 bridge IP, also no luck there
  • See that the application is running on localhost, so i manually altered the /etc/hosts file to do some trickery, also (as you might've imagine) no luck
  • Reading up on what the experts have to say about it, but without a real knowledge on what to look for, that only confused me more. Which has nothing to do with the excellent articles by the way!
  • Dockerize my complete nginx setup, which worked for a single site but since my other applications weren't dockerizable that resulted in nothing but respect for the technologies used.
  • Diving into host modes, bridges, macvlan and NATs which goes way over my head so i felt like a fish out of water.
  • Running the application on 0.0.0.0 instead of localhost also didnt do the trick which made me understand the underlying issue even less.

Cowards way out

I ended up using the --network=host option to utilize my own network stack which did solve the issue but i'm still not happy with.

Any suggestions are more than welcome.