0

There are TCP ports that should not be exposed to the outside world, but are isolated between several containers in a network.

To access such a port for debugging purposes, kubectl port-forward can be used from outside the container network. E.g. for access to a non-exposed k8s database on a developer workstation: kubectl port-forward pods / app-dev-database-0 5432: 5432 -n app

Is there a Podman equivalent for kubectl port-forward to set up port forwarding from the Podman host to an existing and running container?

Simon Schürg
  • 2,134
  • 2
  • 20
  • 31
  • Maybe it's possible to use [norouter](https://norouter.io/docs/getting-started/) for your use case? – Erik Sjölund Jan 02 '21 at 23:16
  • 1
    I feel like you're comparing apples to oranges, since (AFAIK) there is no such equivalent in `docker` of what you are describing, and thus kubectl is uniquely positioned to do post-facto port forwarding in ways both docker and podman are not. FWIW, even the kubernetes mechanism is implemented via `socat` on the Node, so it may be worth examining how that is implemented if you are trying to reinvent that process – mdaniel Jan 02 '21 at 23:57

1 Answers1

1

I do not think podman has such an option. There is a 'network' option available in podman. However, it is for creating container networks and not the purpose of port forwarding.

To answer your question, I think socat is the only option

# socat TCP4-LISTEN:5431 TCP4:10.89.1.10:5432

Here anyone connects to 5431 port of the server will be redirected to a container IP and port 10.89.1.10:5432

Wai Ha Lee
  • 8,598
  • 83
  • 57
  • 92
AnilV
  • 56
  • 4
  • 2
    Yes I also thought about just using socat. Simple an neat solution. One improvement could be using the container name instead of the IP since it is auto assigned. `socat TCP4-LISTEN:5431 TCP4:$(podman inspect -f '{{range.NetworkSettings.Networks}}{{.IPAddress}}{{end}}' container_name):5432` – Simon Schürg Jan 03 '21 at 11:18
  • @SimonSchürg that is a very useful way to use socat with podman. thanks. – AnilV Jan 03 '21 at 12:14