
How to expose a port which changes dynamically in Podman


I’m trying to set up a containerized remote development box with Fleet as an IDE.

I have a Rocky Linux 9.3 workstation acting as a server with Podman set up on it and am running Fedora 39 in the containers. I’m connecting using my actual computer which has Fleet installed (a Mac).

After following the instructions outlined here: https://www.jetbrains.com/help/fleet/install-on-a-remote-machine.html

I get the following output:

    Applying new dynamic config FleetLogConfiguration(refreshTimeout=30, default=WARN, perTarget={}, loggers=[Entry(loggerName=fleet, default=null, perTarget={CONSOLE=WARN, FILE=INFO}), Entry(loggerName=noria, default=null, perTarget={CONSOLE=WARN, FILE=INFO})])
    Dock HTTP Api listening to 127.0.0.1:34605
    Workspace Server listening to 127.0.0.1:39054
    - UID: XXXXXXXXXXXX
    - Host ID: XXXXXXXXXXXX
    - Lobby Address: https://lobby.fleet.api.jetbrains.com:XXX
    - Version: 1.34.94
    - Smart Mode: enabled
    - Published to JetBrains Relay: true
    - Join this workspace using URL: https://fleet.jetbrains.com/?version=1.34.94&workspaceId=XXXXXXXXXX

The “Dock HTTP Api listening to” and “Workspace Server listening to” ports change each time I run the ./fleet launch workspace command.

I have the option to connect via a web relay or SSH; I would like to try SSH because the web relay has been a bit laggy.

So basically I have to find a way to expose the (dynamic) port which the Fleet daemon is listening on to my local network so I can connect using these steps:

https://www.jetbrains.com/help/fleet/connect-to-workspace.html

The two things that I’m having trouble with are:

  1. How to map a dynamic port that changes each time I run the daemon to a port which is exposed by Podman
  2. How to expose the Podman port to the network so I can connect from my local computer’s Fleet application

Podman allows one to share the container and host networks using --net=host or to map every active port within a container to a random port in the host network using --publish-all, but I’d prefer to deal with things inside the container so I can reproduce the development environment using a containerfile.

I’m quite new to networking, so excuse any errors in my explanation. If anyone has a good place to start, I’d very much appreciate it.


Solution

  • According to the documentation to which you've linked, you can use the --workspaceHost and --workspacePort options to set the address and port on which the workspace server is listening:

    fleet launch workspace -- --workspaceHost 0.0.0.0 --workspacePort 4321
    

    See if setting a static workspace server port allows you to connect successfully. There doesn't appear to be a way to control the dock http api port, but perhaps this is unnecessary.


    If I run the above command inside a podman container...

    podman run --rm --name fleet -p 4321:4321 my-fleet-image \
      fleet launch workspace -- \
        --workspaceHost 0.0.0.0 \
        --workspacePort 4321
    

    ...then I can successfully connect to the workspace server both from the local workstation and from other systems on the same network.

    If that's not working for you, I would start by looking at your local workstation's firewall rules.
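
The following is an added example, not part of the original answer and not JetBrains or Podman code. It classifies the listener lines from the question's output by bind address (a listener on the container's 127.0.0.1 is not reachable by LAN clients through a published port) and prints a variant of the answer's command that binds the published port to one host address, with a matching firewall rule. Assumptions: `LAN_IP` and `CLIENT_IP` are constructed placeholder addresses, and the host firewall is firewalld.

```bash
#!/bin/sh
# Added example. LAN_IP and CLIENT_IP are constructed placeholders
# (documentation range); replace them with your server's and client's addresses.
LAN_IP=${LAN_IP:-192.0.2.10}
CLIENT_IP=${CLIENT_IP:-192.0.2.20}
PORT=${PORT:-4321}

# Pull the bind address / port out of a "... listening to ADDR:PORT" line.
listener_addr() { printf '%s\n' "$1" | sed -n 's/.*listening to \([0-9.]*\):[0-9]*$/\1/p'; }
listener_port() { printf '%s\n' "$1" | sed -n 's/.*listening to [0-9.]*:\([0-9]*\)$/\1/p'; }

# Classify the bind address as seen from outside the container.
listener_scope() {
  case "$(listener_addr "$1")" in
    127.*)   echo loopback ;;  # container loopback: LAN clients cannot reach it via -p
    0.0.0.0) echo all ;;       # every container interface: reachable via -p
    '')      echo unknown ;;
    *)       echo specific ;;
  esac
}

# Build a -p value that binds the host side to one address instead of all.
publish_arg() { printf '%s:%s:%s\n' "$1" "$2" "$2"; }

# Read Fleet startup output on stdin; print "SCOPE PORT SERVICE" per listener.
audit_log() {
  while IFS= read -r line; do
    case "$line" in
      *"listening to"*)
        printf '%s %s %s\n' "$(listener_scope "$line")" \
          "$(listener_port "$line")" "${line%% listening to*}" ;;
    esac
  done
}

# Print (do not run) the scoped commands for review.
plan() {
  echo "podman run --rm --name fleet -p $(publish_arg "$LAN_IP" "$PORT") my-fleet-image fleet launch workspace -- --workspaceHost 0.0.0.0 --workspacePort $PORT"
  echo "firewall-cmd --add-rich-rule='rule family=\"ipv4\" source address=\"$CLIENT_IP\" port port=\"$PORT\" protocol=\"tcp\" accept'"
}

# The two listener lines from the question's output.
audit_log <<'EOF'
Dock HTTP Api listening to 127.0.0.1:34605
Workspace Server listening to 127.0.0.1:39054
EOF
plan
```

The firewall rule printed here is a runtime rule only; it is shown as text so it can be reviewed before being applied.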