
Docker host networking driver has different behavior on mac and linux


On Mac OS, when running an nginx container specifying host as the networking driver and then executing a curl command on the Mac OS host, I am NOT ABLE to reach the service exposed on port 80 of the host. On the other hand, when executing a curl command from another container that also uses host as the networking driver, I am ABLE to reach the nginx service exposed on port 80 of the host:

MACHOST:~ user$ docker run -d --network host --name custom-nginx nginx
1157db8de59a5d6c1f16195bd31a395c171b3ce864cd85542b47620ba87efe05
MACHOST:~ user$ curl -s -o /dev/null -I -sw "%{http_code}\n" http://localhost:80
000
MACHOST:~ user$ docker run --rm --network host curlimages/curl curl -s -o /dev/null -I -sw "%{http_code}\n" http://localhost:80
200

I am sure that the expected behavior is the following, which I get when executing the same commands on a Debian host:

cloud_user@debian-instance-2:~$ docker run -d --network host --name custom-nginx nginx
905c905533f8ff8fcab45db05ec1e04545b3357e6ee463f7855da146ccee155f
cloud_user@debian-instance-2:~$ curl -s -o /dev/null -I -sw "%{http_code}\n" http://localhost:80
200
cloud_user@debian-instance-2:~$ docker run --rm --network host curlimages/curl curl -s -o /dev/null -I -sw "%{http_code}\n" http://localhost:80
200

Any hint about what is happening?


Solution

  • Docker Desktop on Mac runs the Docker daemon on a virtualized OS. [Reference: https://docs.docker.com/docker-for-mac/docker-toolbox/ ]

    When executing docker run --network host ... it attaches to the ports on the host machine, which is a VM and not the MACHOST (physical machine). So the container custom-nginx is visible from the container based on the curlimages/curl image, since both of them are running on the same virtual host machine (VM). [Reference: https://github.com/docker/for-mac/issues/2716 ]
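
A way to check which machine "host" refers to before relying on --network host, by comparing the kernel the docker CLI runs on with the kernel the daemon reports. This is an added example, not part of the original answer; the function names classify_host_network and check are hypothetical, and it assumes the docker CLI is on PATH when run with --check.

```shell
#!/bin/sh
# Added example: does `--network host` bind ports on this machine, or on a
# different kernel (a VM such as Docker Desktop's, or a remote daemon)?

# classify_host_network CLIENT_OS CLIENT_KERNEL DAEMON_KERNEL
# Prints "local" when the daemon shares the kernel of the machine running the
# CLI, "vm-or-remote" otherwise.
classify_host_network() {
    client_os=$1 client_kernel=$2 daemon_kernel=$3
    if [ "$client_os" != "Linux" ]; then
        # Linux containers need a Linux kernel, so on macOS (uname -s prints
        # "Darwin") the daemon cannot be sharing the CLI machine's kernel.
        echo vm-or-remote
    elif [ "$client_kernel" != "$daemon_kernel" ]; then
        # Linux CLI but a different kernel: a VM-based install or remote daemon.
        echo vm-or-remote
    else
        # Same kernel: host-network containers listen directly on this
        # machine's interfaces, with no network namespace in between.
        echo local
    fi
}

# check: query the real daemon and list running containers on the host network.
check() {
    daemon_kernel=$(docker info --format '{{.KernelVersion}}') || return 2
    scope=$(classify_host_network "$(uname -s)" "$(uname -r)" "$daemon_kernel")
    echo "daemon kernel: $daemon_kernel"
    echo "host network scope: $scope"
    echo "containers using the host network:"
    docker ps --filter network=host --format '{{.Names}}'
}

# Only touch the daemon when asked to, so the function can be sourced offline.
if [ "${1:-}" = "--check" ]; then
    check
fi
```

A result of "local" also means every port a host-network container opens is exposed on the machine's own interfaces, so it is worth reviewing the container list that check prints.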