I want to connect my docker container (webserver etc) to my existing private network (lets say 192.168.001.0/24.
I red the docomentation with maclan, vlan, overlay etc. but I'm a little bit los.
I know I can share same ports von different container at host IP like ports: 8080:80 , 8081:80 etc.
But I want to give my container a real IP in my private subnet.
This is waht I do:
version: '3.2'
networks:
default:
external:
name: ext-priv-lan
ipam:
config:
- subnet: "192.168.100.0/24"
gateway: "192.168.100.99"
**web1-prod:**
image: .....
ports:
- 80/tcp
- 443/tcp
networks:
ext-priv-lan:
ipv4_address: 192.168.100.77
volumes:
.......
**web2-prod:**
image: .....
ports:
- 80/tcp
- 443/tcp
networks:
ext-priv-lan:
ipv4_address: 192.168.100.88
volumes:
.......
The stack is starting in Portainer. Each container "see" other container. But outside do not see docker container, nor docker container can ping outside.
Any example for that?
My gool is to have "real" private subnet IP and each webserver user ports 80 and 443.
Related
I have the below service in docker compose:
services:
mysql:
image: mysql:8.0
networks:
my_network:
ipv4_address: 172.22.0.11
ports:
- 3307:3306
networks:
my_network:
driver: bridge
ipam:
config:
- subnet: 172.22.0.0/27
When I bring this up, I am able to access the db using localhost:3307. When I remove the ports section, I can access the db using 172.22.0.11:3306.
I though that by having both the configurations, the DB should be accessible using 172.22.0.11:3307. Is this not the case? Also, it is possible to achieve?
The db container exposes port 3306 on whatever network it is attached to. In this case, my_network.
The ports: directive tells docker to expose the port on the external network and how to map it to the local port. In this case, port 3307 is exposed on your localhost and maps to port 3306 on my_network.
I have started learning about Docker and containers, and have been given an assignment to "Host a docker container on the external network (the one that the host is connected to) with its own IP address that is valid for said network".
As far as my understanding goes, Docker containers allow to forward ports onto the host, without exposing the docker container to the outside network. Is there any way to expose the whole container, with all its ports and have its own IP onto the external network?
Here is a excerpt from a test docker-compose.yaml file:
env20:
build: ./env20
image: env20
container_name: env20
hostname: env20
ports:
- "22:22/tcp"
- "80:80/tcp"
depends_on:
- mysql
networks:
gnet:
ipv4_address: 10.10.11.30
restart: unless-stopped
#############################################################
# Netowrk setup
#############################################################
networks:
gnet:
name: gnet
driver: macvlan
ipam:
driver: default
config:
- subnet: 10.10.11.0/24
gateway: 10.10.11.1
Any help would be appreciated!
Hi everyone i have create a network with mac-vlan type in docker because i wanted my containers to be on the same LAN as host.Now the strange thing which i have noticed is that when i stop and then restart a container with docker start command the container gets started but the IP assigned to it is the one that was assigned before the container was shutdown. doesn't IP change when containers are restarted furthermore the container is now not reachable because the IP its showing as its own has now been reassigned to another machine on the network from what i have read that the container is assigned the same IP as before but if the container couldn't get the IP it fails to start but my container is starting just fine. What am i missing here? on ubuntu version 17.10 docker version 17.11.0-ce Api version 1.34 (both client and server)
You should not use static IP's in docker unless you are working with something that allows routing from outside to the inside container, like in you're case macvlan. DNS is already there for service discovery inside of the container network and supports container scaling. And outside the container network, you should use exposed ports on the host.
That being said, you can achieve the above using docker-compose like below :
services:
mysql:
container_name: backend-database
image: mysql:latest
restart: always
environment:
- MYSQL_ROOT_PASSWORD=root
ports:
- "3306:3306"
networks:
mynetwork:
ipv4_address: 10.5.0.5
apache-tomcat:
container_name: apache-tomcat
build: tomcat/.
ports:
- "8080:8080"
- "8009:8009"
networks:
mynetwork:
ipv4_address: 10.5.0.6
depends_on:
- mysql
networks:
mynetwork:
driver: bridge
ipam:
config:
- subnet: 10.5.0.0/16
gateway: 10.5.0.1
Is that possible to specify a static IP for docker container using docker-compose?
eth-java:
image:
registry-intl.ap-southeast-1.aliyuncs.com/einnity/coin-ethereum:1.0
container_name:
eth-java
ports:
- "8002:8198"
networks:
my-network:
ipv4_address: 192.168.1.21
And this container will communicate with
eth:
image:
ethereum/client-go
container_name:
eth
ports:
- "8545:8545"
- "30303:30303"
networks:
my-network:
ipv4_address: 192.168.1.17
volumes:
- /storage/eth/rinkeby:/root/.ethereum/rinkeby/
and the network settings is
networks:
my-network:
driver: bridge
ipam:
driver: default
config:
- subnet: 192.168.1.0/24
I type docker exec -it eth-java /bin/bash. Then I type curl and call RPC on 192.168.1.17:8545, it doesnt work. If don't hardcode the IP and use the dynamic IP, this will works. I just hate using dynamic IP because everytime when restarting the docker container, another IP will be given and I need to change my DB value every time.
I want to create a PostgreSQL cluster composed by a master and two slaves within three containers. I want to do that with docker-compose. Everything works fine but I cannot ping containers from my Mac.
Here the code of my docker-compose.yml.
On Stackoverflow there is this thread How could I ping my docker container from my host that address docker standalone and not docker-compose.
version: '3.6'
volumes:
pgmaster_volume:
pgslave1_volume:
pgslave2_volume:
services:
pgmaster:
container_name: pgmaster
build:
context: ../src
dockerfile: Dockerfile
image: docker-postgresql:latest
environment:
NODE_NAME: pgmaster # Node name
ports:
- 5422:5432
volumes:
- pgmaster_volume:/home/postgres/data
networks:
cluster:
ipv4_address: 10.0.2.31
aliases:
- pgmaster.domain.com
pgslave1:
container_name: pgslave1
build:
context: ../src
dockerfile: Dockerfile
image: docker-postgresql:latest
environment:
NODE_NAME: pgslave1 # Node name
ports:
- 5441:5432
volumes:
- pgslave1_volume:/home/postgres/data
networks:
cluster:
ipv4_address: 10.0.2.32
aliases:
- pgslave1.domain.com
pgslave2:
container_name: pgslave2
build:
context: ../src
dockerfile: Dockerfile
image: docker-postgresql:latest
environment:
NODE_NAME: pgslave2 # Node name
ports:
- 5442:5432
volumes:
- pgslave2_volume:/home/postgres/data
networks:
cluster:
ipv4_address: 10.0.2.33
aliases:
- pgslave2.domain.com
networks:
cluster:
driver: bridge
ipam:
config:
- subnet: 10.0.2.1/24
On my Mac, I have a 192.168.0.0 local network. I expect that doing ping 10.0.2.31 I can ping my container but this is not possible. I think this is due to Linux VM created inside Mac where containers live and the IPs are not reachable outside this VM.
Can someone help me to understand how to make the above three IP reachable? IPs are reachable from one container to another.
Here my full code:
https://github.com/sasadangelo/docker-postgres
you should be able to ping your containers from you host.
via public ip:
just use their public ip. (you had been trying to ping your
container local ip, inside the docker network)
how to find the container public IP?
you can get it by running ifconfig inside the container.
or
or by running on your host docker container inspect <container_id>.
it should be there under NetworkSettings.<network_name>.IPAddress )
via container name/id
docker is running some sort of dns on your machine so you can also use
the container name or id - ping <container_name/id>
note
the way to access your containers outside the docker network is via their published ports. you have bound port 5432 on the docker network to port 5442 on your host, therefore the container should listen and accept traffic at 127.0.0.1:5442 (thats your localhost at the port you've bound)