I have a service running on a host at port 8545
. I have several docker containers which need access to this service on the host. The host is running ubuntu. I've successfully configured
extra_hosts:
- "host.docker.internal:host-gateway"
in the docker-compose file I use to bring up my docker containers. However, I'm finding that the containers cannot access host.docker.internal:8545
unless I open up that port on the host with
ufw allow 8545
However, this opens up the port to anyone which isn't desirable.
How can I open up this port to just the docker containers running on the host?
EDIT: I've seen that the docker0
interface has an IP of 172.17.0.1
. I tried running sudo ufw allow from 172.17.0.1
but that didn't enable my containers to access port 8545
on the host.
root@localhost:~/code/metis/ops# ufw status
Status: active
To Action From
-- ------ ----
22/tcp ALLOW Anywhere
Anywhere ALLOW 172.17.0.1
22/tcp (v6) ALLOW Anywhere (v6)
root@localhost:~/code/metis/ops# docker exec -it ops_l2geth-mainnet_1 /bin/sh
/ # geth attach http://host.docker.internal:8545
Fatal: Failed to start the JavaScript console: api modules: Post "http://host.docker.internal:8545": context deadline exceeded
EDIT 2: I also tried another suggestion from here which also didn't work:
root@localhost:~/code/metis/ops# ufw allow out on docker0 from 172.17.0.0/16
Rule added
root@localhost:~/code/metis/ops# docker exec -it ops_l2geth-mainnet_1 /bin/sh
/ # geth attach http://host.docker.internal:8545
Fatal: Failed to start the JavaScript console: api modules: Post "http://host.docker.internal:8545": context deadline exceeded
EDIT 3: I forgot to mention that I'm running these containers with docker-compose. As I understand, docker-compose uses custom networks which might explain why the above ufw allow
commands aren't helping.