Docker
"connect ECONNREFUSED 127.0.0.1:[PORT]" error when attempting to establish a connection to a local target in Docker environments
- macOS and Windows (Docker >=18)
When working with Docker 18 and above on macOS and Windows, you can establish a connection with a local target by referencing host.docker.internal
, which points to the localhost
. Instead of using http://localhost:9000, utilize http://host.docker.internal:9000.
For details, refer to the documentation: Explore networking features on Docker Desktop.
- Linux with
host
Network Mode
Linux users can also use the host
network mode through the --net
parameter. This mode allows your Docker container to share the host's network stack. To use this mode:
docker run --rm -it --net=host --name bright-cli brightsec/cli repeater [options]
By doing so, the IP address 127.0.0.1
within your Docker container will correspond to your Docker host.
For details, refer to the documentation at Host network driver.
- Docker-for-Linux >=20 with
host.docker.internal
:
If you're using Docker-for-Linux 20.x, you can also employ the host.docker.internal
hostname. However, this requires starting your container with the --add-host host.docker.internal:host-gateway
option:
docker run --rm -it --add-host host.docker.internal:host-gateway --name bright-cli brightsec/cli repeater [options]
For details, refer to the documentation at: Support host.docker.internal DNS name to host · Issue #264 · docker/for-linux.
Cannot load "./path/to/your-script.js" error when attempting to load scripts within a Docker container
The docker container has no direct access to these file systems. For instance, attempting to access hmac.js
using this command would fail, even if the file exists in the current working directory:
docker run --rm -it --name bright-cli brightsec/cli repeater --id <id> --token <token> --scripts '{"example.com": "./hmac.js"}'
To grant the Docker container access to a file or directory on the host machine, you must bind mounts using either the -v
or --mount
options, as shown below (Bind mounts):
docker run --rm -it -v "$(pwd)"/hmac.js:/home/node/hmac.js --name bright-cli brightsec/cli repeater --id <id> --token <token> --scripts '{"example.com": "/home/node/hmac.js"}
docker run --rm -it --mount type=bind,source="$(pwd)"/hmac.js,target=/home/node/hmac.js --name bright-cli brightsec/cli repeater --id <id> --token <token> --scripts '{"example.com": "/home/node/hmac.js"}'
Keep in mind that the working directory is /
, requiring you to specify the absolute path to hmac.js
. However, you can change the working directory using the -w
option as follows:
docker run --rm -it -w -v "$(pwd)"/hmac.js:/home/node/hmac.js -w /home/node --name bright-cli brightsec/cli repeater --id <id> --token <token> --scripts '{"example.com": "./hmac.js"}'
Docker Desktop allows sharing some directories by default (e.g. /Users on Mac), for details refer to the documentation:
Updated about 1 year ago