I am using:
- Nomad 1.8.0,
- Consul 1.18.1,
- Docker version 27.3.1, build ce12230
- Ubuntu 24.04.1 LTS (Noble Numbat) on aarch64 (Raspberry 4)
If I add host network in my nomad config file:
```hcl
client {
  enabled = true

  host_network "tailscale" {
    cidr           = "100.121.82.120/32"
    reserved_ports = "22"
  }

  host_network "default" {
    cidr           = "192.168.68.131/32"
    reserved_ports = "22"
  }

  host_network "localhost" {
    cidr           = "127.0.0.1/32"
    reserved_ports = "22"
  }
}
```
and if I later try to put these networks to use in my Nomad job:
```hcl
network {
  port "https" {
    static       = 443
    to           = 443
    host_network = "tailscale"
  }

  port "https-k3" {
    static       = 4443
    to           = 443
    host_network = "default"
  }
}
```
I do see the mapping is correct and job is deployed without issues:
But, the problem is that the mapping in Docker is not correct: the IP 192.168.1.117 (which is also a correct IP, mind you - 192.168.68.131 is used above, but it doesn’t matter which one of the two gets picked up, as long as it’s not 100.* since that goes via Tailscale VPN) is never used, therefore it is not available, here is the inspect result of that docker container:
```json
"PortBindings": {
  "443/tcp": [
    {
      "HostIp": "100.121.82.120",
      "HostPort": "443"
    }
  ],
  "443/udp": [
    {
      "HostIp": "100.121.82.120",
      "HostPort": "443"
    }
  ]
}
```
Question:
How do I make Nomad / Docker expose the port on the node 192.168.1.117 (or 192.168.68.131) correctly in this example?
If that is not possible, how can I make Nomad expose port on 0.0.0.0 (all IPs), I can then make further changes on my side.
Thank you. I have been struggling with this issue for months already, trying different approaches but without any resolution, so I decided to always expose only 100.* IPs (coming from the Tailscale virtual network adapter), but I would really like to have this single port mapping work out; it would be a gateway to so much user improvement in my homelab…
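One way to check the mismatch described above, as an added example that is not part of the original post: a small Python audit that compares the bindings the job requests (host network address, `static` port, `to` port) with the `PortBindings` Docker reports, and also flags any binding on a wildcard address such as 0.0.0.0. The addresses, ports and inspect output are copied from the post; the function names are made up for this example.

```python
import json

# Host networks and job ports copied from the post (client config and network block).
HOST_NETWORKS = {"tailscale": "100.121.82.120", "default": "192.168.68.131",
                 "localhost": "127.0.0.1"}
JOB_PORTS = [
    {"label": "https", "static": 443, "to": 443, "host_network": "tailscale"},
    {"label": "https-k3", "static": 4443, "to": 443, "host_network": "default"},
]
# PortBindings exactly as shown in the post's docker inspect output.
INSPECT_PORT_BINDINGS = json.loads("""
{"443/tcp": [{"HostIp": "100.121.82.120", "HostPort": "443"}],
 "443/udp": [{"HostIp": "100.121.82.120", "HostPort": "443"}]}
""")
WILDCARDS = {"", "0.0.0.0", "::"}  # Docker reports "" or 0.0.0.0 for all interfaces


def expected_bindings(ports, networks):
    """(host_ip, host_port, container_port) tuples the job asks for."""
    return {(networks[p["host_network"]], p["static"], p["to"]) for p in ports}


def actual_bindings(port_bindings, proto="tcp"):
    """Flatten Docker's PortBindings map into the same tuple shape."""
    found = set()
    for key, binds in (port_bindings or {}).items():
        cport, _, kproto = key.partition("/")
        if kproto != proto:
            continue
        for b in binds or []:
            # An empty HostPort (dynamic port) is recorded as 0.
            found.add((b.get("HostIp", ""), int(b.get("HostPort") or 0), int(cport)))
    return found


def audit(ports, networks, port_bindings):
    want = expected_bindings(ports, networks)
    have = actual_bindings(port_bindings)
    return {
        "missing": sorted(want - have),      # requested by the job, not published
        "unexpected": sorted(have - want),   # published, not requested by the job
        "wildcard": sorted(b for b in have if b[0] in WILDCARDS),  # all interfaces
    }


if __name__ == "__main__":
    for kind, items in audit(JOB_PORTS, HOST_NETWORKS, INSPECT_PORT_BINDINGS).items():
        for ip, hport, cport in items:
            print(f"{kind}: {ip or '*'}:{hport} -> container {cport}/tcp")
```

On a live node the third argument can be loaded from `docker inspect --format '{{json .HostConfig.PortBindings}}' <container>`. A non-empty `wildcard` list means the port is reachable on every interface of the host, the Tailscale one included.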