I'm running a container based on the following image:
https://hub.docker.com/r/ibmcom/websphere-traditional
Everything works fine when i use the same ports on container and host, like so:
docker run --name test -h test -p 9043:9043 -p 9443:9443 -d ibmcom/websphere-traditional:latest
but if i want to use other ports like this:
docker run --name test -h test -p 8500:9043 -p 8600:9443 -d ibmcom/websphere-traditional:latest
container runs but i cannot reach the admin console.
I'm using windows 11 as host.
Remapping the container ports to arbitrary host ports isn't possible due to the way WebSphere's networking works.
By default, WebSphere will send redirect responses to clients using the port it has in serverindex.xml for the server's defaulthost or defaulthost_secure endpoint. If you do any sort of port mapping (like Docker or even reverse proxying via a webserver) and WebSphere issues a redirect, the URL it redirects to will have the wrong port (the one from serverindex.xml, not the one you are using to talk through the webserver) and the redirect will fail.
To deal with this, the WebSphere container image comes configured out of the box with some properties set to cause redirects to include the port in the Host header of the request, which is the port you're actually making the request to as the client (see https://www.ibm.com/docs/en/was-nd/8.5.5?topic=configuration-web-container-custom-properties#returningtheportnumberfromtherequesthostheaderfirst).
However, once WebSphere starts trusting the Host header's port, it starts using that port to associate the incoming request with a Virtual Host Host Alias. In the container image, WebSphere's default_host has host aliases for *:9080, *:9443, *:80 and *:443, so applications mapped to the default_host can be accessed by any hostname and any of those ports, even through a webserver. Similarly, the admin_host virtual host (which the admin console is configured to use) has aliases for *:9043 and *:9060. Other ports, however, won't have hostaliases defined for them.
You'll need to use wsadmin to configure the appropriate virtual host to have a hostalias for the specific port you want to map your container to use on the host. (this page tells how). So in your example you would have to add a new host alias to admin_host specifying * for the hostname and 8500 for the port, and a new host alias to default_host specifying * for the hostname and 8600 for the port. Note that you can't have the same host:port combination as a host alias on multiple virtual hosts.