Skip to main content

Module container_net

Module container_net 

Source
Expand description

Shared container-to-host networking resolution for service runtimes that spawn sibling containers (Lambda, ECS, RDS, ElastiCache).

Captures the issue #1539 fix shape in one place so the four runtimes that shell out to docker/podman can’t drift apart again:

  • podman ships host.containers.internal as a built-in container DNS entry on every platform and must NOT receive --add-host host.docker.internal:host-gateway — rootless podman’s gvproxy leaves the magic alias empty and the create fails with “host containers internal IP address is empty”.
  • bare docker on Linux has no host-gateway magic; the bridge gateway IP has to be resolved from the daemon and injected explicitly.
  • Docker Desktop on Mac/Windows resolves the host-gateway magic value to the host’s IP.
  • when fakecloud itself runs in a container (FAKECLOUD_IN_CONTAINER=1, baked into the published image), the sibling containers it spawns publish their ports on the host’s daemon — reachable from inside fakecloud’s container as host.docker.internal:<port>, not 127.0.0.1:<port>.

Structs§

HostNetworking
Resolved container-to-host networking for a given CLI. Built once at runtime construction and reused for every container spawn.

Constants§

CONTAINER_RUNTIME_HINT
Actionable remediation appended to every error raised when a container runtime (Docker/Podman) is required for an operation but none is available. Kept in one place so RDS, Lambda, ECS, and the server startup banner all surface the same fix steps and can’t drift apart.

Functions§

cli_available
True when the CLI responds to <cli> info with success — the same liveness probe every runtime used before this module existed.
detect_bridge_gateway
Detect the Docker bridge gateway IP on Linux. Returns None if detection fails (caller falls back to the conventional 172.17.0.1).
detect_container_cli
Auto-detect an available container CLI. Honors FAKECLOUD_CONTAINER_CLI as an explicit override (returns None if the override doesn’t work), otherwise prefers docker then podman. Returns None when neither is usable.
is_podman_binary
True when cli is podman or a podman-compatible binary. Matches on the filename component so absolute paths (/opt/homebrew/bin/podman) and wrappers (podman-remote) both register as podman. Docker Desktop’s compatibility CLI is named docker, so this check is safe.
registry_auth_hosts
Hostnames fakecloud’s bundled ECR/OCI registry can be addressed by from a sibling container, each at server_port.
resolve_host_alias
Compute the (host_alias, add_host_arg) pair for a CLI. Pure except for the bridge-gateway daemon probe on Linux docker, so the macOS / podman branches are unit-testable without a daemon.
resolve_sibling_host
Decide what address fakecloud uses to reach the sibling containers it just spawned. Pure helper so the env-var parsing can be tested without touching the process’s real environment.