vdkr: enable Docker bridge networking

Enable Docker's default bridge network (docker0, 172.17.0.0/16) inside
the QEMU VM to allow multiple containers to listen on the same internal
port with different host port mappings.

Changes:
- Add iptables package to vdkr-rootfs-image for Docker NAT rules
- Change dockerd options in vdkr-init.sh:
  - Set --iptables=true (was false)
  - Remove --bridge=none to enable default docker0 bridge

This enables the workflow:
  vdkr run -d -p 8080:80 --name nginx1 nginx:alpine
  vdkr run -d -p 8081:80 --name nginx2 nginx:alpine
  # Both work - each container gets its own 172.17.0.x IP

Previously with --network=host (the old default), both containers would
try to bind port 80 on the VM's single IP, causing conflicts.

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>

1 files changed, 3 insertions, 2 deletions

diff --git a/recipes-containers/vcontainer/files/vdkr-init.sh b/recipes-containers/vcontainer/files/vdkr-init.sh
index 7cfe12af..efe56049 100755
--- a/recipes-containers/vcontainer/files/vdkr-init.sh
+++ b/recipes-containers/vcontainer/files/vdkr-init.sh
@@ -92,9 +92,10 @@ start_dockerd() {
     log "Starting Docker daemon..."
     DOCKER_OPTS="--data-root=/var/lib/docker"
     DOCKER_OPTS="$DOCKER_OPTS --storage-driver=overlay2"
-    DOCKER_OPTS="$DOCKER_OPTS --iptables=false"
+    # Enable iptables for Docker bridge NAT and port forwarding
+    DOCKER_OPTS="$DOCKER_OPTS --iptables=true"
     DOCKER_OPTS="$DOCKER_OPTS --userland-proxy=false"
-    DOCKER_OPTS="$DOCKER_OPTS --bridge=none"
+    # Use default docker0 bridge (172.17.0.0/16) for container networking
     DOCKER_OPTS="$DOCKER_OPTS --host=unix:///var/run/docker.sock"
     DOCKER_OPTS="$DOCKER_OPTS --exec-opt native.cgroupdriver=cgroupfs"
     DOCKER_OPTS="$DOCKER_OPTS --log-level=info"