WARNING: Published ports are discarded when using host network mode

The warning message WARNING: Published ports are discarded when using host network mode means that the -p (publish) flag for port mapping is ignored when you use the --network host option. Explanation When you run a Docker container with the --network host option, the container shares the host’s network stack. This means the container does not get its own network namespace and IP address. Instead, it uses the host’s IP address and network interfaces directly. Implications

• No Port Mapping Needed: Since the container is using the host’s network stack, it can directly access all the host’s ports. Therefore, there is no need to map ports using the -p flag, and Docker discards these options.
• Direct Access: The container’s services will be accessible on the host’s IP address and the specified ports directly. For example, if the container runs a web server on port 80, it will be accessible on http://<host-ip>:80.

Example If you run:

# docker run -d --name kasm_workspaces --restart unless-stopped \
  --network host \
  kasmweb/workspaces:1.16.1

The Kasm Workspaces container will use the host’s network stack, and its services will be accessible on the host’s IP address without needing to publish ports. When to Use Host Network Mode Host network mode can be useful in scenarios where:

• Performance Optimization: It avoids network address translation (NAT) and can improve performance.
• Handling Multiple Ports: It simplifies configurations where a container needs to handle a large range of ports.

Security Considerations Using host network mode gives the container more access to the host’s network, which can have security implications. Ensure that you secure your host and container appropriately.