How can I forward a port from one docker container to another?

29.3k Views Asked by At

I commonly see solutions that expose a docker container's port to the host.

In my case I want to forward a local port from one container, to another.

Let's say I run a service on container A that has a hard-coded configuration to access db on localhost 3306. But I want to run the db server on container B.

What is the best way to port-forward from A-localhost:3306 to B-IP:3306?

6

There are 6 best solutions below

7
On BEST ANSWER

Install socat in your container and at startup run

socat TCP-LISTEN:3306,fork TCP:B-IP:3306 &

This will listen locally on your 3306 and pass any traffic bidirectionally to B-IP:3306. socat is available in package named socat. So you will run any of the below commands to install it

$ yum install -y socat
$ apt install -y socat
$ apk add socat

Edit-1

You can even do this by not touching your original container

Dockerfile

FROM alpine
RUN apk update && apk add socat

Build the file as below

docker build -t socat .

Now run a container from same

docker run --name mysql-bridge-a-to-b --net=container:<containerAid> socat socat TCP-LISTEN:3306,fork TCP:BIP:3306

This will run this container on A's network. So when it listens on A's network the localhost:3306 will become available in A even though A container was not touched.

4
On

You can simply run the container with network mode equal to host.

docker run --network=host ...

In that case, from the container point of view, localhost or 127.0.0.1 will refer to the host machine. Thus if your db is running in another container B that listens on 3306, an address of localhost:3306 in container A will hit the database in container B.

2
On

You can do it with Docker-Compose.

docker-compose.yml example:

version: '3'
services:
  web:
    build: .web
    environment:
      DB_HOST: mysql:3306  # the service name below
    ports:
     - "5000:5000"
  mysql:
    build: .mysql
    ports:
     - "3306:3306"  # optional: used for accessing from the host, not from the other container

Here you have 2 docker instances: web and mysql, so each docker instance can see each other using the names you defined as services.

Hope this helps

1
On

This solution is way overkill for the use case stated but in the case you run across this while researching a larger scope.

Hashicorp Consul installs a localhost agent that will proxy the localhost port to the ipaddress and port of a service registered within the directory. https://www.consul.io/intro

I have no relation to Hashicorp besides using their products in systems I've built.

2
On

Containers can access each other on a shared network. You dont need to expose or forward anything.

https://docs.docker.com/network/network-tutorial-standalone/

3
On

If you want container B's port to be exposed as a localhost port on container A you can start container B with the network option set to container mode to start container B on container A's network namespace.

Example:

docker run --net=container:A postgres

Where:

  • A is the name or identifier of the container you want to map into.

This will startup postgres in a container on the same network namespace as A, so any port opened in the postgres container will be being opened on the same interface as A and it should be available on localhost inside container A.