FR: port mapping switch for windows #15741

Closed
altsheets opened this Issue Aug 21, 2015 · 6 comments

Comments

Projects
None yet
3 participants
@altsheets

feature request: port mapping for windows

Idea: Mapping of guest ports to host ports

Reason: Docker is not yet fully platform-independent for guest TCP/IP services
( see my workaround-by-complicated-user-manual here: #15740 (comment) )

Suggestions:

new switch for docker.exe:

docker run -p 80:80 --guesttohost -d nginx

or

docker run -p 80:80 --guesttohost 80 -d nginx

and/or a new command for Dockerfiles:

...
EXPOSE 80
EXPOSE 443
GUESTTOHOST

CMD ["nginx"]

The latter is (a bit dangerous, and) less important - if the former switch is available.

Both

GUESTTOHOST

and

--guesttohost

should be existent, but ignored on Linux systems - then writing one manual would be enough.

I am optimistic that this is possible. I have not looked into the details yet, but for sure, it has been solved already by some extra (VirtualBox) commands, which I simply suggest now to include into the docker.exe. It will have to do some magic manipulation of the Virtualbox-Ethernet-Adapters, to map the wanted guest machine ports to host machine ports.

Thanks for considering this.

@GordonTheTurtle

This comment has been minimized.

Show comment
Hide comment
@GordonTheTurtle

GordonTheTurtle Aug 21, 2015

Hi!

Please read this important information about creating issues.

If you are reporting a new issue, make sure that we do not have any duplicates already open. You can ensure this by searching the issue list for this repository. If there is a duplicate, please close your issue and add a comment to the existing issue instead.

If you suspect your issue is a bug, please edit your issue description to include the BUG REPORT INFORMATION shown below. If you fail to provide this information within 7 days, we cannot debug your issue and will close it. We will, however, reopen it if you later provide the information.

This is an automated, informational response.

Thank you.

For more information about reporting issues, see https://github.com/docker/docker/blob/master/CONTRIBUTING.md#reporting-other-issues


BUG REPORT INFORMATION

Use the commands below to provide key information from your environment:

docker version:
docker info:
uname -a:

Provide additional environment details (AWS, VirtualBox, physical, etc.):

List the steps to reproduce the issue:
1.
2.
3.

Describe the results you received:

Describe the results you expected:

Provide additional info you think is important:

----------END REPORT ---------

#ENEEDMOREINFO

Hi!

Please read this important information about creating issues.

If you are reporting a new issue, make sure that we do not have any duplicates already open. You can ensure this by searching the issue list for this repository. If there is a duplicate, please close your issue and add a comment to the existing issue instead.

If you suspect your issue is a bug, please edit your issue description to include the BUG REPORT INFORMATION shown below. If you fail to provide this information within 7 days, we cannot debug your issue and will close it. We will, however, reopen it if you later provide the information.

This is an automated, informational response.

Thank you.

For more information about reporting issues, see https://github.com/docker/docker/blob/master/CONTRIBUTING.md#reporting-other-issues


BUG REPORT INFORMATION

Use the commands below to provide key information from your environment:

docker version:
docker info:
uname -a:

Provide additional environment details (AWS, VirtualBox, physical, etc.):

List the steps to reproduce the issue:
1.
2.
3.

Describe the results you received:

Describe the results you expected:

Provide additional info you think is important:

----------END REPORT ---------

#ENEEDMOREINFO

@altsheets

This comment has been minimized.

Show comment
Hide comment
@altsheets

altsheets Aug 21, 2015

thx GordonTheTurtle :-) but this suggestion is independent of my own system.

thx GordonTheTurtle :-) but this suggestion is independent of my own system.

@altsheets

This comment has been minimized.

Show comment
Hide comment
@altsheets

altsheets Aug 21, 2015

I found this information:

VBoxManage modifyvm "VM name" --natpf1 "guestssh,tcp,,2222,,22"
With the above example, all TCP traffic arriving on port 2222 on any host interface will 
be forwarded to port 22 in the guest. The protocol name tcp is a mandatory attribute 
defining which protocol should be used for forwarding (udp could also be used). 
The name guestssh is purely descriptive and will be auto-generated if omitted. 
The number after --natpf denotes the network card, like in other parts of VBoxManage.
http://www.virtualbox.org/manual/ch06.html#natforward

VBoxManage.exe knows about my "default" machine:

C:\Program Files\Oracle\VirtualBox>VBoxManage.exe list vms
...
"default" {aaaaaaaa-bbbb-1111-2222-333333333333}

Before my changes:

VBoxManage showvminfo default --details

NIC 1:           MAC: 112233445566, Attachment: NAT, Cable connected: on, Trace: off (file: none), Type: 82540EM, Reported speed: 0 Mbps, Boot priority: 0, Promisc Policy: deny, Bandwidth group: none
NIC 1 Settings:  MTU: 0, Socket (send: 64, receive: 64), TCP Window (send:64, receive: 64)
NIC 1 Rule(0):   name = ssh, protocol = tcp, host ip = 127.0.0.1, host port = 51122, guest ip = , guest port = 22
NIC 2:           MAC: aabbccddeeff, Attachment: Host-only Interface 'VirtualBox Host-Only Ethernet Adapter #2', Cable connected: on, Trace: off (file: none), Type: 82540EM, Reported speed: 0 Mbps, Boot priority: 0, Promisc Policy: deny, Bandwidth group: none

My below VBoxManage command results in a "Rule(1)":

VBoxManage showvminfo default --details

NIC 1:           MAC: 112233445566, Attachment: NAT, Cable connected: on, Trace: off (file: none), Type: 82540EM, Reported speed: 0 Mbps, Boot priority: 0, Promisc Policy: deny, Bandwidth group: none
NIC 1 Settings:  MTU: 0, Socket (send: 64, receive: 64), TCP Window (send:64, receive: 64)
NIC 1 Rule(0):   name = ccdserver, protocol = tcp, host ip = , host port = 9999, guest ip = , guest port = 8888
NIC 1 Rule(1):   name = ssh, protocol = tcp, host ip = 127.0.0.1, host port = 51122, guest ip = , guest port = 22
NIC 2:           MAC: aabbccddeeff, Attachment: Host-only Interface 'VirtualBox Host-Only Ethernet Adapter #2', Cable connected: on, Trace: off (file: none), Type: 82540EM, Reported speed: 0 Mbps, Boot priority: 0, Promisc Policy: deny, Bandwidth group: none

This is what I had to do:

docker-machine stop default
C:\Program Files\Oracle\VirtualBox\VBoxManage modifyvm default --natpf1 "ccdserver,tcp,,9999,,8888"
docker-machine start default

now when I am running my server:

docker run -p 8888:8888 altsheets/chaincountdown

these two addresses result in exactly the same pages in my browser:

* http://192.168.99.100:8888/
* http://localhost:9999/

SUCCESS!

N.B.:

I chose 9999 only for demonstration purposes, of course, the production system should simply map it to the same port 8888.

TODO:

(1) Find a way to change the port forwarding without powering down the VM. Note that in the "Oracle VM VirtualBoxManager" I can actually change port forwarding settings on a running machine!

(2) The above "VBoxManage modifyvm ..." should go into "docker run --guesttohost ..."

:-)

I found this information:

VBoxManage modifyvm "VM name" --natpf1 "guestssh,tcp,,2222,,22"
With the above example, all TCP traffic arriving on port 2222 on any host interface will 
be forwarded to port 22 in the guest. The protocol name tcp is a mandatory attribute 
defining which protocol should be used for forwarding (udp could also be used). 
The name guestssh is purely descriptive and will be auto-generated if omitted. 
The number after --natpf denotes the network card, like in other parts of VBoxManage.
http://www.virtualbox.org/manual/ch06.html#natforward

VBoxManage.exe knows about my "default" machine:

C:\Program Files\Oracle\VirtualBox>VBoxManage.exe list vms
...
"default" {aaaaaaaa-bbbb-1111-2222-333333333333}

Before my changes:

VBoxManage showvminfo default --details

NIC 1:           MAC: 112233445566, Attachment: NAT, Cable connected: on, Trace: off (file: none), Type: 82540EM, Reported speed: 0 Mbps, Boot priority: 0, Promisc Policy: deny, Bandwidth group: none
NIC 1 Settings:  MTU: 0, Socket (send: 64, receive: 64), TCP Window (send:64, receive: 64)
NIC 1 Rule(0):   name = ssh, protocol = tcp, host ip = 127.0.0.1, host port = 51122, guest ip = , guest port = 22
NIC 2:           MAC: aabbccddeeff, Attachment: Host-only Interface 'VirtualBox Host-Only Ethernet Adapter #2', Cable connected: on, Trace: off (file: none), Type: 82540EM, Reported speed: 0 Mbps, Boot priority: 0, Promisc Policy: deny, Bandwidth group: none

My below VBoxManage command results in a "Rule(1)":

VBoxManage showvminfo default --details

NIC 1:           MAC: 112233445566, Attachment: NAT, Cable connected: on, Trace: off (file: none), Type: 82540EM, Reported speed: 0 Mbps, Boot priority: 0, Promisc Policy: deny, Bandwidth group: none
NIC 1 Settings:  MTU: 0, Socket (send: 64, receive: 64), TCP Window (send:64, receive: 64)
NIC 1 Rule(0):   name = ccdserver, protocol = tcp, host ip = , host port = 9999, guest ip = , guest port = 8888
NIC 1 Rule(1):   name = ssh, protocol = tcp, host ip = 127.0.0.1, host port = 51122, guest ip = , guest port = 22
NIC 2:           MAC: aabbccddeeff, Attachment: Host-only Interface 'VirtualBox Host-Only Ethernet Adapter #2', Cable connected: on, Trace: off (file: none), Type: 82540EM, Reported speed: 0 Mbps, Boot priority: 0, Promisc Policy: deny, Bandwidth group: none

This is what I had to do:

docker-machine stop default
C:\Program Files\Oracle\VirtualBox\VBoxManage modifyvm default --natpf1 "ccdserver,tcp,,9999,,8888"
docker-machine start default

now when I am running my server:

docker run -p 8888:8888 altsheets/chaincountdown

these two addresses result in exactly the same pages in my browser:

* http://192.168.99.100:8888/
* http://localhost:9999/

SUCCESS!

N.B.:

I chose 9999 only for demonstration purposes, of course, the production system should simply map it to the same port 8888.

TODO:

(1) Find a way to change the port forwarding without powering down the VM. Note that in the "Oracle VM VirtualBoxManager" I can actually change port forwarding settings on a running machine!

(2) The above "VBoxManage modifyvm ..." should go into "docker run --guesttohost ..."

:-)

@cpuguy83

This comment has been minimized.

Show comment
Hide comment
@cpuguy83

cpuguy83 Aug 21, 2015

Contributor

It looks like you want docker to modify the VM host's port forwarding rules?
This is not possible, at least not from the daemon... if the docker client has sufficient privileges this could potentially happen, however the extra Dockerfile command would not work (and also is certainly not something that makes sense for the Dockerfile).

You an accomplish this same thing with no added features by listening to the event stream and automatically forwarding ports as needed.

I'm going to close this because it's just not something that really fits in with docker's functionality and can be done externally to docker easily enough.

If you think I've misinterpreted your use-case, please ping here so we can discuss.
Thanks!

Contributor

cpuguy83 commented Aug 21, 2015

It looks like you want docker to modify the VM host's port forwarding rules?
This is not possible, at least not from the daemon... if the docker client has sufficient privileges this could potentially happen, however the extra Dockerfile command would not work (and also is certainly not something that makes sense for the Dockerfile).

You an accomplish this same thing with no added features by listening to the event stream and automatically forwarding ports as needed.

I'm going to close this because it's just not something that really fits in with docker's functionality and can be done externally to docker easily enough.

If you think I've misinterpreted your use-case, please ping here so we can discuss.
Thanks!

@cpuguy83 cpuguy83 closed this Aug 21, 2015

@altsheets

This comment has been minimized.

Show comment
Hide comment
@altsheets

altsheets Aug 21, 2015

Thanks a lot then. I wish you a great weekend, summer, life.

Thanks a lot then. I wish you a great weekend, summer, life.

@altsheets

This comment has been minimized.

Show comment
Hide comment
@altsheets

altsheets Aug 22, 2015

One more comment ...

I am seeing myself more as a (new enthusiastic) user
than a developer who writes essential docker patches :-)

You an accomplish this same thing ...
by listening to the event stream and
automatically forwarding ports as needed.

Sounds as if perhaps that is your way to go then.

What about you write such an easily done extension, to make
Dockerfiles and/or docker.exe truly platform-independent also
for internet services guest containers.

One more comment ...

I am seeing myself more as a (new enthusiastic) user
than a developer who writes essential docker patches :-)

You an accomplish this same thing ...
by listening to the event stream and
automatically forwarding ports as needed.

Sounds as if perhaps that is your way to go then.

What about you write such an easily done extension, to make
Dockerfiles and/or docker.exe truly platform-independent also
for internet services guest containers.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment