October 16, 201411 yr I tried to find some info on this but failed. Can someone point me to a resource or explain when you should use Host vs. Bridge for a container? John
November 9, 201411 yr I'm sure I don't have a definitive answer, but I'll give a personal example. The deluge dockerization linked in the sticky indicates bridge with only two ports exported. I wanted to enable randomization of ports in deluge, using UPnP on my router to get them forwarded through NAT. Due to the randomization, it would be impossible to know ahead of time which ports to set up in the container, so I instead chose host mode for the network to enable any port.
November 9, 201411 yr Author I guess I am thinking of Host and Bridge network in the traditional sense and that is not how Docker defines them. I would expect that Host = Docker app uses the Host's IP address.. and... Bridge = Docker app would be assigned an address on the bridge network. Is this not the case?
November 9, 201411 yr I guess I am thinking of Host and Bridge network in the traditional sense and that is not how Docker defines them.[/quote\ You should not get confused with the term 'bridged' when used with a network in a VM. I would expect that Host = Docker app uses the Host's IP address.. What it means in Docker terms is that the docker container has unrestricted access to all the ports available at the host. It will also be using the hosts IP address. Bridge = Docker app would be assigned an address on the bridge network. Is this not the case? [/quote This is where docker differs from a VM. It means that docker still uses the hosts IP address, but that there is a mapping (bridge) between the ports as seen inside the docker container, and the ports these are mapped to at the host level. This is how you can have two different docker containers think they are using the same port internally, but that they are seen as different ports externally.]
November 9, 201411 yr Author Ahhhh...now it all makes sense! Thank you so much for that explanation. What is best practice...bridge or host? Or is more a matter of necessity?
November 9, 201411 yr Ahhhh...now it all makes sense! Thank you so much for that explanation. What is best practice...bridge or host? Or is more a matter of necessity? I think if at all possible it is better to use the bridged mode as it provides better isolation from the host and from other containers. However that only works if the number of ports required is small.
November 10, 201411 yr Think of host mode like setting DMZ on your firewall to one of your computers. Basically you are allowing all the container to do whatever it wants using the hosts IP / ports.
Archived
This topic is now archived and is closed to further replies.