Publish ports from container automatically

The documentation here https://docs.resin.io/faq/troubleshooting/faq/ says “It’s usually not necessary to forward ports within the container because the container is bound to the host networking.” This and other documentation (https://docs.resin.io/learn/develop/runtime/ under Exposed Ports) suggests that all ports are automatically published from the containers.

However, balena inspect <container ID> by default shows "PublishAllPorts": false which causes anything using the host IP and a port number to fail to connect. This requires using a loopback interface to connect internally to any open ports and prevents a host computer from connecting directly to a service.

Manually running balena run --publish-all=true fixes this problem, but I’d like a solution which works with Resin’s autolaunching.

Is this configurable?

I’ve worked around this issue by adding an EXPOSE <port> line to my Dockerfile, which contradicts the documentation but works as expected. It seems, perhaps, that balena is launched with -P and not --publish-all=true as the documentation implies. Is there somewhere I could look to better learn how balena launches containers?

I expect that this default has changed in our recent multi-container release, because on an infrastructure that supports any number of containers on the device there cannot be a deterministic way of deciding what to bind. Furthermore I expect that EXPOSE is the correct solution, and that you have found a problem in our documentation.
I’m going to be pinging those with better knowledge than I to turn this “expect” into something a bit more concrete before putting in an issue to update the docs.

1 Like

Good to know. Thanks for the update!