17

What I am trying to accomplish is to connect to a database installed on the host system. Now there is a similar question already for Docker, but I could not get that to work with Podman, I imagine because networking works a bit differently here.

My solution so far has been to use `--add-host=dbhost:$(ip route show dev cni-podman0 | cut -d' ' -f7)`, but I am not certain that's a good idea and it's not going to work when a different network is used.

What is the best approach to accomplish this? Is there perhaps a default hostname for the container host already defined?

Thomas Glaser

2 Answers

15

You can also use `host.containers.internal` in Podman. It's basically Podman's equivalent to `host.docker.internal`, but works out of the box.

Some One
  • How does one use this? – Iizuki Aug 09 '23 at 11:31
  • 1
    @Iizuki for example, on your local host run `npx http-server`, then in a different terminal start a container with `podman run --rm -it alpine sh`. Once on the container, run `apk add curl` then `curl host.containers.internal:8080`. – Yves Dorfsman Aug 17 '23 at 16:03
8

The solution with podman is identical to that described in the answer to which you provided a link: the default route visible inside the container can be used to connect to host services (assuming they are listening on all addresses or are explicitly bound to the podman bridge).

For example, if I have a webserver running on port 8080 on my host...

```
darkhttpd . --port 8080
```

I can start a container:

```
$ sudo podman run -it --rm alpine sh
```

And inside that container if I get the address of the default gateway:

```
/ # ip route
default via 10.88.0.1 dev eth0
10.88.0.0/16 dev eth0 scope link  src 10.88.0.42
```

I can connect to the webserver on that address:

```
/ # wget -O- http://10.88.0.1:8080/hello.txt
Connecting to 10.88.0.1:8080 (10.88.0.1:8080)
Hello world
-                    100% |***************************************|    12  0:00:00 ETA
```

The only caveat -- which is also true for Docker -- is that your host firewall must be configured such that it does not block inbound connections from your containers.

larsks
  • 3
    Thanks, but I was looking for a more generic solution - in this case my container would become dependent on the host, but it would be nice to have flexibility where I can just access a hostname and it could be either the host, another server, or a container. – Thomas Glaser Nov 15 '19 at 13:18
  • @ThomasGlaser There are, as usual, many solutions to the problem you have described, but I would argue this is a clear cut argument for using _names_ as opposed to IP addresses -- use something like `mydatabase` instead of the IP address in your container setup, and make sure your DNS server or `/etc/hosts` responds with the desired IP address (`10.88.0.1` in the example in the answer) for that name. – Armen Michaeli Dec 08 '22 at 16:09
  • When I try this on my setup I get the error `Network is unreachable` when trying to connect to the host through the default route's IP address. Ping works, but not TCP. Any idea? – Guss Jul 03 '23 at 08:44
  • I would need more details about your configuration. That's probably worth opening a new question. – larsks Jul 03 '23 at 15:51
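
An added example, not part of any answer above: the second answer notes that a host service is reachable through the container's default gateway only if it listens on all addresses or on the Podman bridge. The sketch below finds the gateway without hard-coding the network and classifies how a port is bound, since a database bound to the bridge address alone is reachable from containers without also being exposed on the host's other interfaces. The function names `default_gw` and `bind_scope` and the `ss` listing are assumptions made for illustration; the route lines are the ones shown in the answer.

```sh
#!/bin/sh
# Added example. Function names are hypothetical; sample input is constructed.

# default_gw: read `ip route` output on stdin, print the default gateway.
default_gw() {
    awk '$1 == "default" && $2 == "via" { print $3; exit }'
}

# bind_scope PORT GATEWAY: read `ss -ltn` output on stdin and print
#   all    - listening on every address (containers and every other network)
#   bridge - bound to the Podman bridge address only
#   none   - not reachable from containers (for example bound to 127.0.0.1)
bind_scope() {
    awk -v port="$1" -v gw="$2" '
        $1 == "LISTEN" {
            n = split($4, parts, ":")      # column 4 is Local Address:Port
            if (parts[n] != port) next
            addr = substr($4, 1, length($4) - length(parts[n]) - 1)
            if (addr == "0.0.0.0" || addr == "*" || addr == "[::]") all = 1
            else if (addr == gw) bridge = 1
        }
        END { print (all ? "all" : (bridge ? "bridge" : "none")) }
    '
}

# Constructed sample input: route lines as seen inside the container,
# and a made-up `ss -ltn` listing as it might look on the host.
SAMPLE_ROUTES='default via 10.88.0.1 dev eth0
10.88.0.0/16 dev eth0 scope link  src 10.88.0.42'
SAMPLE_SS='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    0.0.0.0:8080       0.0.0.0:*
LISTEN 0      244    127.0.0.1:5432     0.0.0.0:*
LISTEN 0      244    10.88.0.1:3306     0.0.0.0:*'

gw=$(printf '%s\n' "$SAMPLE_ROUTES" | default_gw)
for port in 8080 5432 3306; do
    scope=$(printf '%s\n' "$SAMPLE_SS" | bind_scope "$port" "$gw")
    echo "port $port via $gw: $scope"
done
```

On a real system, pipe `ip route` (run inside the container) into `default_gw` and `ss -ltn` (run on the host) into `bind_scope` in place of the sample variables.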