How to share host network bridge when using docker in docker

I’m using the https://github.com/jpetazzo/dind docker image to have docker in docker. When starting docker containers inside the parent docker, is it possible to use the bridge of the parent docker so I can share the network between the containers inside the docker container and the parent docker container?

What I want to do is to access the containers inside the parent docker container from the host directly by IP to assign domain names to them.

    UPDATE -> Main Idea

    I’m upgrading a free online Java compiler to allow users to run any program using docker. So I’m using the dind (docker in docker) image to launch a main container that has inside it a Java program that receives requests and launches docker containers inside of it.
    So what I want to do is to give the users the option to run programs that expose a port and let them access their containers using a subdomain.
    So graphically I have this hierarchy

    Internet -> My Host -> Main Docker Container -> User Docker Container 1
                                                 -> User Docker Container 2
                                                 -> User Docker Container n
    

    And what I want to do is to give the user a subdomain name to access his “User Docker Container” for example: www.user_25.compiler1.browxy.com

    So he can have a program that exposes a port in his “User Docker Container” and can access it using the subdomain www.user_25.compiler1.browxy.com

    What confuses me is that to access the “User Docker Container” I first need to access the Main Docker Container. I’m trying to find a way to access the “User Docker Container” directly, so I thought that if the User Docker Container and the Main Docker container can share the same network I can access the User Docker Container directly from the host and assign a domain name to the “User Docker Container” IP by updating the /etc/hosts file on the host.

    Thanks a lot for any advice or suggestion 🙂

2 Solutions collected from the web for “How to share host network bridge when using docker in docker”

    If you run your “Main docker container” with --net=host, then your configuration simplifies to:

    Internet -> Host -> User Docker Container 1
                     -> User Docker Container 2
                     -> User Docker Container n
    

    Although you probably want to use a bridge other than docker0 for the child containers (e.g., create a new bridge docker1, and start your dind Docker daemon with -b docker1).

    If two users were to attempt to publish a service on the same port at the same ip address, then yes, you would have port conflicts. There are a few ways of working around this:

    1. If you can support multiple public ip addresses on your host, then you can “assign” (in quotes because this would not be automatic) one to each container. Instead of running docker run -p 80:80 ..., you would need to make the bind ip explicit, like docker run -p 1.2.3.4:80:80 .... This requires people to “play nice”; that is, there is nothing to prevent someone from either forgetting to specify a bind address or from specifying the wrong address.

    2. If you are explicitly running web services, then you may be able to use some sort of front-end proxy to map subdomain names to containers using name-based virtual host. There are several components to this process, and making it automated would probably require a little work. Doing it manually is comparatively easy (just update /etc/hosts, for example), but is fragile because when a container is restarted it will have a new ip address. Something like a dynamic dns service can help with this.

    These are mostly suggestions more than solutions, but let me know if you would like more details. There are probably other ways of cracking this particular nut, so hopefully someone else will chime in.
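Added example, not part of the answer above: one way to take the fragility out of the manual /etc/hosts approach in point 2 is to regenerate a marked block from the containers' current IPs whenever a container starts or restarts. The base domain comes from the question; the marker comments, function names and sample input are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example. Input on stdin: "<container-name> <ip>" lines, e.g. from
#   docker inspect --format '{{.Name}} {{.NetworkSettings.IPAddress}}' <ids>
# BASE_DOMAIN is taken from the question; the marker strings are assumptions.
BASE_DOMAIN="compiler1.browxy.com"
BEGIN="# BEGIN dind-users"
END="# END dind-users"

# Emit the managed block. Names are limited to a single DNS label and IPs to a
# strict dotted quad, so a container name cannot produce an arbitrary entry.
render_block() {
    echo "$BEGIN"
    awk -v dom="$BASE_DOMAIN" '
        { name = $1; sub("^/", "", name) }     # docker prefixes names with "/"
        NF != 2 || name !~ /^[A-Za-z0-9_-]+$/ { next }
        $2 !~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ { next }
        { split($2, o, "."); for (i = 1; i <= 4; i++) if (o[i] > 255) next }
        { printf "%s\twww.%s.%s\n", $2, name, dom }'
    echo "$END"
}

# Replace the managed block in hosts file $1 with a fresh one built from stdin.
# Lines outside the markers are preserved. The result is written back with cat
# so the target keeps its inode and mode (a moved mktemp file would be 0600).
update_hosts() {
    tmp=$(mktemp) || return 1
    awk -v b="$BEGIN" -v e="$END" '
        $0 == b { skip = 1; next }
        $0 == e { skip = 0; next }
        !skip' "$1" > "$tmp" || return 1
    render_block >> "$tmp"
    cat "$tmp" > "$1" && rm -f "$tmp"
}

# Constructed sample: a running container, a stopped one (empty IP), a name
# with a dot (would create a deeper subdomain), and an out-of-range address.
sample() {
    printf '%s\n' '/user_25 10.0.0.5' '/user_26 ' '/a.b 10.0.0.9' '/user_27 10.0.0.300'
}

demo() {
    f=$(mktemp); printf '127.0.0.1\tlocalhost\n' > "$f"
    sample | update_hosts "$f"
    sample | update_hosts "$f"      # second run must not duplicate the block
    cat "$f"; rm -f "$f"
}
demo
```

Only the entry for user_25 is written; the other three sample lines are skipped, and re-running leaves exactly one block in the file.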

    Finally I took many ideas that larsks gave me and this is what I did

    1. Start docker in docker container with a name (--name compiler)
    2. Execute this command in the host -> sudo route add -net 10.0.0.0 gw $(docker inspect --format '{{ .NetworkSettings.IPAddress }}' compiler) netmask 255.255.255.0

    For this to work I added a custom bridge in the docker in docker container that ensures that the ip range is 10.0.0.0/24

    Now I can ping containers created inside the docker in docker container from the host

    To have name resolution I installed docker-dns as larsks suggested into the docker in docker container and added the IP of it to /etc/resolv.conf in the host

    The result is that from the host I can access containers by name that are created inside the docker in docker container.

    One possible upgrade that I’d like to have is to configure everything with docker and not add custom stuff to the host, but for now I don’t know how to do that and I can live with this solution
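Added example, not the poster's script: a pre-check to run before adding the host route from step 2, which reports existing host routes that overlap 10.0.0.0/24, since the more specific /24 would take over traffic for those addresses. This goes slightly beyond the answer; the function names and the sample routing table are constructed, and on a real host the input would come from ip -4 route show.

```shell
#!/bin/sh
# Added example. INNER is the inner dind bridge range from the answer above;
# the routing table in sample_routes is constructed for illustration.
INNER="10.0.0.0/24"

# Dotted quad -> 32-bit integer. The body is a subshell, so IFS stays local.
ip2int() (
    IFS=.
    set -- $1
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
)

# Two CIDR blocks overlap exactly when they agree on the shorter prefix.
cidr_overlap() {
    len=${1#*/}
    [ "${2#*/}" -lt "$len" ] && len=${2#*/}
    mask=0
    [ "$len" -gt 0 ] && mask=$(( (4294967295 << (32 - $len)) & 4294967295 ))
    [ $(( $(ip2int "${1%/*}") & $mask )) -eq $(( $(ip2int "${2%/*}") & $mask )) ]
}

# stdin: `ip -4 route show` output; $1: subnet about to be routed.
# Prints every existing route whose destination overlaps $1.
route_conflicts() {
    while read -r dst rest; do
        case "$dst" in
            [!0-9]*|"") continue ;;      # default, blackhole, unreachable, ...
            */*) ;;
            *) dst="$dst/32" ;;          # a bare address is a host route
        esac
        if cidr_overlap "$dst" "$1"; then echo "$dst $rest"; fi
    done
}

sample_routes() {   # constructed routing table
    cat <<'EOF'
default via 192.168.1.1 dev eth0
10.0.0.0/8 via 192.168.1.254 dev tun0
172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.10
EOF
}

# On a real host: ip -4 route show | route_conflicts "$INNER"
hits=$(sample_routes | route_conflicts "$INNER")
if [ -n "$hits" ]; then
    echo "adding $INNER would shadow part of: $hits"
else
    echo "no overlap with existing routes for $INNER"
fi
```

In the constructed table the 10.0.0.0/8 route via tun0 is reported, which is the case where choosing a different range for the inner bridge avoids diverting traffic meant for that network.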
