Expand description
Shared container-to-host networking resolution for service runtimes that spawn sibling containers (Lambda, ECS, RDS, ElastiCache).
Captures the issue #1539 fix shape in one place so the four runtimes
that shell out to docker/podman can’t drift apart again:
- podman ships
host.containers.internalas a built-in container DNS entry on every platform and must NOT receive--add-host host.docker.internal:host-gateway— rootless podman’s gvproxy leaves the magic alias empty and thecreatefails with “host containers internal IP address is empty”. - bare docker on Linux has no
host-gatewaymagic; the bridge gateway IP has to be resolved from the daemon and injected explicitly. - Docker Desktop on Mac/Windows resolves the
host-gatewaymagic value to the host’s IP. - when fakecloud itself runs in a container (
FAKECLOUD_IN_CONTAINER=1, baked into the published image), the sibling containers it spawns publish their ports on the host’s daemon — reachable from inside fakecloud’s container ashost.docker.internal:<port>, not127.0.0.1:<port>.
Structs§
- Host
Networking - Resolved container-to-host networking for a given CLI. Built once at runtime construction and reused for every container spawn.
Constants§
- CONTAINER_
RUNTIME_ HINT - Actionable remediation appended to every error raised when a container runtime (Docker/Podman) is required for an operation but none is available. Kept in one place so RDS, Lambda, ECS, and the server startup banner all surface the same fix steps and can’t drift apart.
Functions§
- cli_
available - True when the CLI responds to
<cli> infowith success — the same liveness probe every runtime used before this module existed. - detect_
bridge_ gateway - Detect the Docker bridge gateway IP on Linux. Returns
Noneif detection fails (caller falls back to the conventional172.17.0.1). - detect_
container_ cli - Auto-detect an available container CLI. Honors
FAKECLOUD_CONTAINER_CLIas an explicit override (returnsNoneif the override doesn’t work), otherwise prefersdockerthenpodman. ReturnsNonewhen neither is usable. - is_
podman_ binary - True when
cliis podman or a podman-compatible binary. Matches on the filename component so absolute paths (/opt/homebrew/bin/podman) and wrappers (podman-remote) both register as podman. Docker Desktop’s compatibility CLI is nameddocker, so this check is safe. - registry_
auth_ hosts - Hostnames fakecloud’s bundled ECR/OCI registry can be addressed by from a
sibling container, each at
server_port. - resolve_
host_ alias - Compute the
(host_alias, add_host_arg)pair for a CLI. Pure except for the bridge-gateway daemon probe on Linux docker, so the macOS / podman branches are unit-testable without a daemon. - resolve_
sibling_ host - Decide what address fakecloud uses to reach the sibling containers it just spawned. Pure helper so the env-var parsing can be tested without touching the process’s real environment.