Virtualbox guest networked to docker on host

[jacotech]

I have a VirtualBox Windows Server guest with an iis, on a Linux host. On the host i also have a docker setup. In docker i have a container providing an openvpn.

For now i have portforwarded the iis port 80 to the host 8888.

Connected to the vpn i can surf to http://172.17.0.1:8888 and see the site. (172.17.0.1 is the host in docker)

I am wondering if i can have the vbox guest and the openvpn docker container on the same network. So i can access the vbox guest directly. As there will be a lot of other services running on the windows machine and i prefer not having to portforward each of them to the host machine.

[socratis]

Docker is a program that relies on VirtualBox, but modifies its configuration files in unknown ways to us, and with unknown consequences, especially the networking part. It is not supported on these VirtualBox forums/channels, they have their own Docker support channels. If you are having this problem with a standalone version of VirtualBox (after a complete uninstallation of Docker), then we can continue this discussion.

[jacotech]

i am not talking about docker machine ... i am talking about a standalone virtualbox install next to docker on the same linux host. I do not see how docker relies on virtualbox as you say.

[fth0]

I have some general remarks regarding VirtualBox and Docker, and some comments regarding the current topic. Since the first part is quite long, and also quite independent from the topic, I'll split them into two posts, so that it can easily be put in a separate thread later on, if the moderators are so inclined.

[fth0]

Some general remarks regarding VirtualBox and Docker (to be carefully read ):

Whereas VirtualBox is an implementation of Hardware virtualization, Docker is an implementation of OS-level virtualization. In simple Docker scenarios (more about that below), there is no hypervisor involved at all, and Docker doesn't even need a CPU with VT-X/AMD-V capabilities. Let's look at using Docker on some common operating systems:

1. Docker on Linux: The Docker Engine consists of a client and a daemon. The Docker daemon uses the resource isolation features of the Linux kernel (cgroups and namespaces) to run multiple Docker containers, and the Docker client is used to manage them. (This can be compared to the VBoxSVC service running multiple VirtualBox VMs on a Linux host, and managing them with VBoxManage or the VirtualBox GUI app). Since Docker containers usually need less resources than VirtualBox VMs, you can already create some fairly complex scenarios on one Linux host alone. Of course, you can (and often do) create even more complex scenarios with several physical or virtual PCs, each running a Docker daemon, and then hardware virtualization is indeed involved.

2. Docker on Windows/macOS: The Docker daemon is a Linux daemon and needs a Linux kernel to run. In order to make it apparently run on Windows/macOS, Docker (before Docker version 1.12, mid 2016) used to install VirtualBox (or used/modified an already installed VirtualBox) and created an implicit VirtualBox VM, running a Linux kernel and the Docker daemon in this VM (the Docker client runs on the Windows/macOS host). Nowadays (Docker version 1.12 and later, since mid 2016), Docker uses native hypervisors (Hyper-V on Windows, HyperKit/Hypervisor.framework on macOS) instead of VirtualBox.

Regarding the networking infrastructure on the host side: VirtualBox offers at least 5 different networking modes (NAT, NAT Network, Bridged, Internal, Host-only), Docker offers at least 4 different networking modes (Bridge, Overlay, Host, Macvlan), and then there are the host OS networking implementations. There is no pair of identical networking modes, so you have to know and understand all three worlds to bring them together.

[fth0]

@jacotech:
Let's start by asking you for some relevant and missing information:

Which host OS, guest OS, VirtualBox and Docker versions are you using?

Please show us the network configuration of your host OS, guest OS, VirtualBox VM and Docker!

[socratis]

@fth0,

Thank you for the in-depth analysis of what Docker is/isn't. I had done an analysis of the Docker packages years ago, most probably before version 1.12, and I had found that it included an almost complete installation of VirtualBox. Now I understand why that was. You can obviously see the issues that were arising when you were trying to have two parallel VirtualBox installations, especially on the HostOnly front.

I think it's about high-time that I need to re-evaluate my standard Copy/Paste snippet that I've been using for years! I already took a look at the current Docker implementation on OSX and I couldn't find any trace of VirtualBox. Same thing on a Mint19 installation, which I'm testing now for a nested Virtualization.

Once again, thank you for the analysis and the explanation!