How to share host network bridge when using docker in docker

I’m using the https://github.com/jpetazzo/dind docker image to have docker in docker. When starting docker containers inside the parent docker, is it possible to use the bridge of the parent docker so I can share the network between the containers inside the docker container and the parent docker container?

What I want to do is to access the containers inside the parent docker container from the host directly by IP to assign domain names to them.

UPDATE -> Main Idea

    I’m upgrading a free online Java compiler to allow users to run any program using docker. So I’m using the dind (docker in docker image) to launch a main container that has inside it a Java program that receives requests and launches docker containers inside of it.
    So what I want to do is to give the users the option to run programs that expose a port and let them access their containers using a subdomain.
    So graphically I have this hierarchy

    Internet -> My Host -> Main Docker Container -> User Docker Container 1
                                                 -> User Docker Container 2
                                                 -> User Docker Container n
    

    And what I want to do is to give the user a subdomain name to access his “User Docker Container” for example: www.user_25.compiler1.browxy.com

    So he can have a program that exposes a port in his “User Docker Container” and can access it using the subdomain www.user_25.compiler1.browxy.com

    What confuses me is that to access the “User Docker Container” I first need to access the Main Docker Container. I’m trying to find a way to access the “User Docker Container” directly, so I thought that if the User Docker Container and the Main Docker container can share the same network, I can access the User Docker Container directly from the host and assign a domain name to the “User Docker Container” IP by updating the /etc/hosts file on the host.

    Thanks a lot for any advice or suggestion 🙂

2 Solutions collected from the web for “How to share host network bridge when using docker in docker”

    If you run your “Main docker container” with --net=host, then your configuration simplifies to:

    Internet -> Host -> User Docker Container 1
                     -> User Docker Container 2
                     -> User Docker Container n
    

    Although you probably want to use a bridge other than docker0 for the child containers (e.g., create a new bridge docker1, and start your dind Docker daemon with -b docker1).

    If two users were to attempt to publish a service on the same port at the same ip address, then yes, you would have port conflicts. There are a few ways of working around this:

    1. If you can support multiple public ip addresses on your host, then you can “assign” (in quotes because this would not be automatic) one to each container. Instead of running docker run -p 80:80 ..., you would need to make the bind ip explicit, like docker run -p 1.2.3.4:80:80 .... This requires people to “play nice”; that is, there is nothing to prevent someone from either forgetting to specify a bind address or from specifying the wrong address.

    2. If you are explicitly running web services, then you may be able to use some sort of front-end proxy to map subdomain names to containers using name-based virtual host. There are several components to this process, and making it automated would probably require a little work. Doing it manually is comparatively easy (just update /etc/hosts, for example), but is fragile because when a container is restarted it will have a new ip address. Something like a dynamic dns service can help with this.

    These are mostly suggestions more than solutions, but let me know if you would like more details. There are probably other ways of cracking this particular nut, so hopefully someone else will chime in.

    Finally I took many ideas that larsks gave me and this is what I did

    1. Start docker in docker container with a name (--name compiler)
    2. Execute this command in the host -> sudo route add -net 10.0.0.0 gw $(docker inspect --format '{{ .NetworkSettings.IPAddress }}' compiler) netmask 255.255.255.0

    For this to work I added a custom bridge in the docker in docker container that ensures that the ip range is 10.0.0.0/24

    Now I can ping containers created inside the docker in docker container from the host

    To have name resolution I installed docker-dns as larsks suggested into the docker in docker container and added the IP of it to /etc/resolv.conf in the host

    The result is that from the host I can access containers by name that are created inside the docker in docker container.

    One possible upgrade that I’d like to have is to configure everything with docker and not add custom stuff to the host, but for now I don’t know how to do that and I can live with this solution
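
As an added example (not part of either answer, and not code from dind or docker-dns): a front-end proxy that maps subdomains to containers, as the first answer suggests, should validate the Host header and refuse to forward anywhere outside the inner bridge. The registry contents, the user_N naming rule and the function name are assumptions; 10.0.0.0/24 is the bridge range from the second answer.

```python
import ipaddress
import re

# Assumptions (not from the original answers): the user_N label rule and the
# registry below are constructed; 10.0.0.0/24 is the inner bridge range.
BASE_DOMAIN = "compiler1.browxy.com"
INNER_BRIDGE = ipaddress.ip_network("10.0.0.0/24")
HOST_RE = re.compile(r"www\.(user_[0-9]{1,10})\." + re.escape(BASE_DOMAIN))

# Constructed sample registry: user label -> (container IP, exposed port)
REGISTRY = {
    "user_25": ("10.0.0.7", 8080),
    "user_26": ("10.0.0.8", 3000),
    "user_99": ("172.17.0.1", 80),  # bad entry: address outside the inner bridge
}

def resolve_upstream(host_header, registry=REGISTRY):
    """Return (ip, port) for a Host header, or None if the request must be refused."""
    if not host_header or len(host_header) > 255:
        return None
    host = host_header.strip().lower()
    host = re.sub(r":[0-9]{1,5}$", "", host)   # drop an optional :port suffix
    if host.endswith("."):                      # drop a single trailing root dot
        host = host[:-1]
    m = HOST_RE.fullmatch(host)
    if m is None:
        return None                             # foreign domain or malformed label
    entry = registry.get(m.group(1))
    if entry is None:
        return None                             # no container registered for this user
    ip, port = entry
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return None
    # Forward only to the inner bridge, never to the host, docker0 or other networks.
    if addr not in INNER_BRIDGE or not (1 <= port <= 65535):
        return None
    return (str(addr), port)

if __name__ == "__main__":
    for h in ["www.user_25.compiler1.browxy.com", "WWW.user_26.compiler1.browxy.com:80",
              "www.user_99.compiler1.browxy.com", "www.user_25.compiler1.browxy.com.evil.test"]:
        print(h, "->", resolve_upstream(h))
```
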
